diff --git a/configs/baremetal.h b/configs/baremetal.h index bdd86bfe1..4a67c98dd 100644 --- a/configs/baremetal.h +++ b/configs/baremetal.h @@ -52,6 +52,8 @@ #define MBEDTLS_SSL_CONF_SINGLE_SIG_HASH_MD_ID MBEDTLS_MD_SHA256 #define MBEDTLS_SSL_CONF_SINGLE_SIG_HASH_TLS_ID MBEDTLS_SSL_HASH_SHA256 +#define MBEDTLS_MD_SINGLE_HASH MBEDTLS_MD_INFO_SHA256 + /* Key exchanges */ #define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED #define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 6807ff33b..96340e88b 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -786,6 +786,73 @@ #define MBEDTLS_THREADING_IMPL #endif +/* Ensure that precisely one hash is enabled. */ +#if defined(MBEDTLS_MD_SINGLE_HASH) + +#if defined(MBEDTLS_SHA256_C) +#define MBEDTLS_SHA256_ENABLED 1 +#else +#define MBEDTLS_SHA256_ENABLED 0 +#endif /* MBEDTLS_SHA256_C */ + +#if defined(MBEDTLS_SHA256_C) && !defined(MBEDTLS_SHA256_NO_SHA224) +#define MBEDTLS_SHA224_ENABLED 1 +#else +#define MBEDTLS_SHA224_ENABLED 0 +#endif /* MBEDTLS_SHA256_C && !MBEDTLS_SHA256_NO_SHA224 */ + +#if defined(MBEDTLS_SHA512_C) +#define MBEDTLS_SHA512_ENABLED 2 +#else +#define MBEDTLS_SHA512_ENABLED 0 +#endif /* MBEDTLS_SHA512_C */ + +#if defined(MBEDTLS_SHA1_C) +#define MBEDTLS_SHA1_ENABLED 1 +#else +#define MBEDTLS_SHA1_ENABLED 0 +#endif /* MBEDTLS_SHA1_C */ + +#if defined(MBEDTLS_MD2_C) +#define MBEDTLS_MD2_ENABLED 1 +#else +#define MBEDTLS_MD2_ENABLED 0 +#endif /* MBEDTLS_MD2_C */ + +#if defined(MBEDTLS_MD4_C) +#define MBEDTLS_MD4_ENABLED 1 +#else +#define MBEDTLS_MD4_ENABLED 0 +#endif /* MBEDTLS_MD4_C */ + +#if defined(MBEDTLS_MD5_C) +#define MBEDTLS_MD5_ENABLED 1 +#else +#define MBEDTLS_MD5_ENABLED 0 +#endif /* MBEDTLS_MD5_C */ + +#if defined(MBEDTLS_RIPEMD160_C) +#define MBEDTLS_RIPEMD160_ENABLED 1 +#else +#define MBEDTLS_RIPEMD160_ENABLED 0 +#endif /* MBEDTLS_RIPEMD160_C */ + +#define MBEDTLS_HASHES_ENABLED \ + ( MBEDTLS_MD2_ENABLED + \ + MBEDTLS_MD4_ENABLED + \ + MBEDTLS_MD5_ENABLED + \ + MBEDTLS_RIPEMD160_ENABLED + \ + MBEDTLS_SHA1_ENABLED + \ + MBEDTLS_SHA256_ENABLED + \ + MBEDTLS_SHA512_ENABLED ) + +#if MBEDTLS_HASHES_ENABLED != 1 +#error "MBEDTLS_MD_SINGLE_HASH must be used with precisely one hash algorithm enabled." +#endif + +#undef MBEDTLS_HASHES_ENABLED +#endif /* MBEDTLS_MD_SINGLE_HASH */ + #if defined(MBEDTLS_THREADING_ALT) #if !defined(MBEDTLS_THREADING_C) || defined(MBEDTLS_THREADING_IMPL) #error "MBEDTLS_THREADING_ALT defined, but not all prerequisites" diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 040dcd6e9..f2daf32a4 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -3826,6 +3826,20 @@ //#define MBEDTLS_SSL_CONF_SINGLE_SIG_HASH_MD_ID //#define MBEDTLS_SSL_CONF_SINGLE_SIG_HASH_TLS_ID +/* Set this to MBEDTLS_MD_INFO_{DIGEST} support of a single message + * digest at compile-time, at the benefit of code-size. + * + * On highly constrained systems with large control over the configuration of + * the connection endpoints, this option can be used to hardcode support for + * a single hash algorithm. + * + * You need to make sure that the corresponding digest algorithm attributes + * are defined through macros in md.c. See the definitions + * MBEDTLS_MD_INFO_SHA256_XXX for example. + * + */ +//#define MBEDTLS_MD_SINGLE_HASH MBEDTLS_MD_INFO_SHA256 + /* \} SECTION: Compile-time SSL configuration */ /* Target and application specific configurations diff --git a/include/mbedtls/ecjpake.h b/include/mbedtls/ecjpake.h index 3d8d02ae6..00e752b23 100644 --- a/include/mbedtls/ecjpake.h +++ b/include/mbedtls/ecjpake.h @@ -75,7 +75,7 @@ typedef enum { */ typedef struct mbedtls_ecjpake_context { - const mbedtls_md_info_t *md_info; /**< Hash to use */ + mbedtls_md_handle_t md_info; /**< Hash to use */ mbedtls_ecp_group grp; /**< Elliptic curve */ mbedtls_ecjpake_role role; /**< Are we client or server? */ int point_format; /**< Format for point export */ diff --git a/include/mbedtls/hkdf.h b/include/mbedtls/hkdf.h index 40ee64eb0..ebf5e12ea 100644 --- a/include/mbedtls/hkdf.h +++ b/include/mbedtls/hkdf.h @@ -70,7 +70,7 @@ extern "C" { * \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying * MD layer. */ -int mbedtls_hkdf( const mbedtls_md_info_t *md, const unsigned char *salt, +int mbedtls_hkdf( mbedtls_md_handle_t md, const unsigned char *salt, size_t salt_len, const unsigned char *ikm, size_t ikm_len, const unsigned char *info, size_t info_len, unsigned char *okm, size_t okm_len ); @@ -99,7 +99,7 @@ int mbedtls_hkdf( const mbedtls_md_info_t *md, const unsigned char *salt, * \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying * MD layer. */ -int mbedtls_hkdf_extract( const mbedtls_md_info_t *md, +int mbedtls_hkdf_extract( mbedtls_md_handle_t md, const unsigned char *salt, size_t salt_len, const unsigned char *ikm, size_t ikm_len, unsigned char *prk ); @@ -130,7 +130,7 @@ int mbedtls_hkdf_extract( const mbedtls_md_info_t *md, * \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying * MD layer. */ -int mbedtls_hkdf_expand( const mbedtls_md_info_t *md, const unsigned char *prk, +int mbedtls_hkdf_expand( mbedtls_md_handle_t md, const unsigned char *prk, size_t prk_len, const unsigned char *info, size_t info_len, unsigned char *okm, size_t okm_len ); diff --git a/include/mbedtls/hmac_drbg.h b/include/mbedtls/hmac_drbg.h index f1289cb30..ed0385455 100644 --- a/include/mbedtls/hmac_drbg.h +++ b/include/mbedtls/hmac_drbg.h @@ -138,7 +138,7 @@ void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx ); * MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED. */ int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx, - const mbedtls_md_info_t * md_info, + mbedtls_md_handle_t md_info, int (*f_entropy)(void *, unsigned char *, size_t), void *p_entropy, const unsigned char *custom, @@ -158,7 +158,7 @@ int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx, * MBEDTLS_ERR_MD_ALLOC_FAILED. */ int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx, - const mbedtls_md_info_t * md_info, + mbedtls_md_handle_t md_info, const unsigned char *data, size_t data_len ); /** diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h index 69ab21f40..3b847b4a0 100644 --- a/include/mbedtls/md.h +++ b/include/mbedtls/md.h @@ -35,6 +35,11 @@ #include MBEDTLS_CONFIG_FILE #endif +#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ + !defined(inline) && !defined(__cplusplus) +#define inline __inline +#endif + #define MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE -0x5080 /**< The selected feature is not available. */ #define MBEDTLS_ERR_MD_BAD_INPUT_DATA -0x5100 /**< Bad input parameters to function. */ #define MBEDTLS_ERR_MD_ALLOC_FAILED -0x5180 /**< Failed to allocate memory. */ @@ -80,26 +85,72 @@ typedef enum { #define MBEDTLS_MD_MAX_BLOCK_SIZE 64 #endif +#if !defined(MBEDTLS_MD_SINGLE_HASH) + +#define MBEDTLS_MD_INLINABLE_API + /** - * Opaque struct defined in md_internal.h. + * Opaque struct defined in md.c. */ typedef struct mbedtls_md_info_t mbedtls_md_info_t; + +typedef struct mbedtls_md_info_t const * mbedtls_md_handle_t; +#define MBEDTLS_MD_INVALID_HANDLE ( (mbedtls_md_handle_t) NULL ) + +#else /* !MBEDTLS_MD_SINGLE_HASH */ + +#define MBEDTLS_MD_INLINABLE_API MBEDTLS_ALWAYS_INLINE static inline + +typedef int mbedtls_md_handle_t; +#define MBEDTLS_MD_INVALID_HANDLE ( (mbedtls_md_handle_t) 0 ) +#define MBEDTLS_MD_UNIQUE_VALID_HANDLE ( (mbedtls_md_handle_t) 1 ) + +#endif /* !MBEDTLS_MD_SINGLE_HASH */ + +#include "md_internal.h" + /** * The generic message-digest context. */ typedef struct mbedtls_md_context_t { +#if !defined(MBEDTLS_MD_SINGLE_HASH) /** Information about the associated message digest. */ - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; +#endif +#if !defined(MBEDTLS_MD_SINGLE_HASH) /** The digest-specific context. */ void *md_ctx; /** The HMAC part of the context. */ void *hmac_ctx; +#else + unsigned char md_ctx[ sizeof( MBEDTLS_MD_INFO_CTX_TYPE( + MBEDTLS_MD_SINGLE_HASH ) ) ]; + + unsigned char hmac_ctx[ 2 * MBEDTLS_MD_INFO_BLOCKSIZE( + MBEDTLS_MD_SINGLE_HASH ) ]; + +#endif /* MBEDTLS_MD_SINGLE_HASH */ } mbedtls_md_context_t; +#if !defined(MBEDTLS_MD_SINGLE_HASH) +static inline mbedtls_md_handle_t mbedtls_md_get_handle( + struct mbedtls_md_context_t const *ctx ) +{ + return( ctx->md_info ); +} +#else /* !MBEDTLS_MD_SINGLE_HASH */ +static inline mbedtls_md_handle_t mbedtls_md_get_handle( + struct mbedtls_md_context_t const *ctx ) +{ + ((void) ctx); + return( MBEDTLS_MD_UNIQUE_VALID_HANDLE ); +} +#endif /* !MBEDTLS_MD_SINGLE_HASH */ + /** * \brief This function returns the list of digests supported by the * generic digest module. @@ -120,7 +171,7 @@ const int *mbedtls_md_list( void ); * \return The message-digest information associated with \p md_name. * \return NULL if the associated message-digest information is not found. */ -const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name ); +mbedtls_md_handle_t mbedtls_md_info_from_string( const char *md_name ); /** * \brief This function returns the message-digest information @@ -131,7 +182,7 @@ const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name ); * \return The message-digest information associated with \p md_type. * \return NULL if the associated message-digest information is not found. */ -const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type ); +mbedtls_md_handle_t mbedtls_md_info_from_type( mbedtls_md_type_t md_type ); /** * \brief This function initializes a message-digest context without @@ -182,7 +233,7 @@ void mbedtls_md_free( mbedtls_md_context_t *ctx ); * failure. * \return #MBEDTLS_ERR_MD_ALLOC_FAILED on memory-allocation failure. */ -int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info ) MBEDTLS_DEPRECATED; +int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, mbedtls_md_handle_t md_info ) MBEDTLS_DEPRECATED; #undef MBEDTLS_DEPRECATED #endif /* MBEDTLS_DEPRECATED_REMOVED */ @@ -205,7 +256,9 @@ int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_ * failure. * \return #MBEDTLS_ERR_MD_ALLOC_FAILED on memory-allocation failure. */ -int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac ); +MBEDTLS_MD_INLINABLE_API int mbedtls_md_setup( mbedtls_md_context_t *ctx, + mbedtls_md_handle_t md_info, + int hmac ); /** * \brief This function clones the state of an message-digest @@ -238,7 +291,7 @@ int mbedtls_md_clone( mbedtls_md_context_t *dst, * * \return The size of the message-digest output in Bytes. */ -unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info ); +unsigned char mbedtls_md_get_size( mbedtls_md_handle_t md_info ); /** * \brief This function extracts the message-digest type from the @@ -249,7 +302,7 @@ unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info ); * * \return The type of the message digest. */ -mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info ); +mbedtls_md_type_t mbedtls_md_get_type( mbedtls_md_handle_t md_info ); /** * \brief This function extracts the message-digest name from the @@ -260,7 +313,7 @@ mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info ); * * \return The name of the message digest. */ -const char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info ); +const char *mbedtls_md_get_name( mbedtls_md_handle_t md_info ); /** * \brief This function starts a message-digest computation. @@ -275,7 +328,7 @@ const char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info ); * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification * failure. */ -int mbedtls_md_starts( mbedtls_md_context_t *ctx ); +MBEDTLS_MD_INLINABLE_API int mbedtls_md_starts( mbedtls_md_context_t *ctx ); /** * \brief This function feeds an input buffer into an ongoing @@ -293,7 +346,9 @@ int mbedtls_md_starts( mbedtls_md_context_t *ctx ); * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification * failure. */ -int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen ); +MBEDTLS_MD_INLINABLE_API int mbedtls_md_update( mbedtls_md_context_t *ctx, + const unsigned char *input, + size_t ilen ); /** * \brief This function finishes the digest operation, @@ -313,7 +368,8 @@ int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, si * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification * failure. */ -int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output ); +MBEDTLS_MD_INLINABLE_API int mbedtls_md_finish( mbedtls_md_context_t *ctx, + unsigned char *output ); /** * \brief This function calculates the message-digest of a buffer, @@ -333,8 +389,11 @@ int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output ); * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification * failure. */ -int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen, - unsigned char *output ); +MBEDTLS_MD_INLINABLE_API int mbedtls_md( + mbedtls_md_handle_t md_info, + const unsigned char *input, + size_t ilen, + unsigned char *output ); #if defined(MBEDTLS_FS_IO) /** @@ -354,7 +413,7 @@ int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, si * the file pointed by \p path. * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA if \p md_info was NULL. */ -int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, +int mbedtls_md_file( mbedtls_md_handle_t md_info, const char *path, unsigned char *output ); #endif /* MBEDTLS_FS_IO */ @@ -460,12 +519,167 @@ int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx ); * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification * failure. */ -int mbedtls_md_hmac( const mbedtls_md_info_t *md_info, const unsigned char *key, size_t keylen, +int mbedtls_md_hmac( mbedtls_md_handle_t md_info, const unsigned char *key, size_t keylen, const unsigned char *input, size_t ilen, unsigned char *output ); /* Internal use */ -int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data ); +MBEDTLS_MD_INLINABLE_API int mbedtls_md_process( mbedtls_md_context_t *ctx, + const unsigned char *data ); + +/* + * Internal wrapper functions for those MD API functions which should be + * inlined in some but not all configurations. The actual MD API will be + * implemented either here or in md.c, and forward to the wrappers. + */ + +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_setup_internal( + mbedtls_md_context_t *ctx, mbedtls_md_handle_t md_info, int hmac ) +{ + if( md_info == MBEDTLS_MD_INVALID_HANDLE || ctx == NULL ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + +#if !defined(MBEDTLS_MD_SINGLE_HASH) + ctx->md_ctx = mbedtls_md_info_ctx_alloc( md_info ); + if( ctx->md_ctx == NULL ) + return( MBEDTLS_ERR_MD_ALLOC_FAILED ); + + if( hmac != 0 ) + { + ctx->hmac_ctx = mbedtls_calloc( 2, + mbedtls_md_info_block_size( md_info ) ); + if( ctx->hmac_ctx == NULL ) + { + mbedtls_md_info_ctx_free( md_info, ctx->md_ctx); + return( MBEDTLS_ERR_MD_ALLOC_FAILED ); + } + } + + ctx->md_info = md_info; +#else + ((void) hmac); +#endif /* MBEDTLS_MD_SINGLE_HASH */ + + return( 0 ); +} + +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_starts_internal( + mbedtls_md_context_t *ctx ) +{ + mbedtls_md_handle_t md_info; + if( ctx == NULL ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + + md_info = mbedtls_md_get_handle( ctx ); + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + + return( mbedtls_md_info_starts( md_info, ctx->md_ctx ) ); +} + +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_update_internal( + mbedtls_md_context_t *ctx, + const unsigned char *input, + size_t ilen ) +{ + mbedtls_md_handle_t md_info; + if( ctx == NULL ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + + md_info = mbedtls_md_get_handle( ctx ); + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + + return( mbedtls_md_info_update( md_info, ctx->md_ctx, + input, ilen ) ); +} + +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_finish_internal( + mbedtls_md_context_t *ctx, unsigned char *output ) +{ + mbedtls_md_handle_t md_info; + if( ctx == NULL ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + + md_info = mbedtls_md_get_handle( ctx ); + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + + return( mbedtls_md_info_finish( md_info, ctx->md_ctx, + output ) ); +} + +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_internal( + mbedtls_md_handle_t md_info, + const unsigned char *input, + size_t ilen, + unsigned char *output ) +{ + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + + return( mbedtls_md_info_digest( md_info, input, + ilen, output) ); +} + +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_process_internal( + mbedtls_md_context_t *ctx, const unsigned char *data ) +{ + mbedtls_md_handle_t md_info; + if( ctx == NULL ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + + md_info = mbedtls_md_get_handle( ctx ); + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + + return( mbedtls_md_info_process( md_info, ctx->md_ctx, data ) ); +} + +#if defined(MBEDTLS_MD_SINGLE_HASH) + +MBEDTLS_MD_INLINABLE_API int mbedtls_md_setup( + mbedtls_md_context_t *ctx, mbedtls_md_handle_t md_info, int hmac ) +{ + return( mbedtls_md_setup_internal( ctx, md_info, hmac ) ); +} + +MBEDTLS_MD_INLINABLE_API int mbedtls_md_starts( + mbedtls_md_context_t *ctx ) +{ + return( mbedtls_md_starts_internal( ctx ) ); +} + +MBEDTLS_MD_INLINABLE_API int mbedtls_md_update( + mbedtls_md_context_t *ctx, + const unsigned char *input, + size_t ilen ) +{ + return( mbedtls_md_update_internal( ctx, input, ilen ) ); +} + +MBEDTLS_MD_INLINABLE_API int mbedtls_md_finish( + mbedtls_md_context_t *ctx, unsigned char *output ) +{ + return( mbedtls_md_finish_internal( ctx, output ) ); +} + +MBEDTLS_MD_INLINABLE_API int mbedtls_md( + mbedtls_md_handle_t md_info, + const unsigned char *input, + size_t ilen, + unsigned char *output ) +{ + return( mbedtls_md_internal( md_info, input, ilen, output ) ); +} + +MBEDTLS_MD_INLINABLE_API int mbedtls_md_process( + mbedtls_md_context_t *ctx, const unsigned char *data ) +{ + return( mbedtls_md_process_internal( ctx, data ) ); +} + +#endif /* MBEDTLS_MD_SINGLE_HASH */ #ifdef __cplusplus } diff --git a/include/mbedtls/md_internal.h b/include/mbedtls/md_internal.h index 698477b35..84944ee44 100644 --- a/include/mbedtls/md_internal.h +++ b/include/mbedtls/md_internal.h @@ -1,14 +1,12 @@ -/** + /** * \file md_internal.h * - * \brief Message digest wrappers. - * - * \warning This in an internal header. Do not include directly. + * \brief This file contains the generic message-digest wrapper. * * \author Adriaan de Jong */ /* - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * Copyright (C) 2006-2018, Arm Limited (or its affiliates), All Rights Reserved * SPDX-License-Identifier: Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); you may @@ -23,27 +21,157 @@ * See the License for the specific language governing permissions and * limitations under the License. * - * This file is part of mbed TLS (https://tls.mbed.org) + * This file is part of Mbed TLS (https://tls.mbed.org) */ -#ifndef MBEDTLS_MD_WRAP_H -#define MBEDTLS_MD_WRAP_H -#if !defined(MBEDTLS_CONFIG_FILE) -#include "config.h" -#else -#include MBEDTLS_CONFIG_FILE +#ifndef MBEDTLS_MD_INTERNAL_H +#define MBEDTLS_MD_INTERNAL_H + +#if defined(MBEDTLS_MD2_C) +#include "mbedtls/md2.h" #endif -#include "md.h" +#if defined(MBEDTLS_MD4_C) +#include "mbedtls/md4.h" +#endif + +#if defined(MBEDTLS_MD5_C) +#include "mbedtls/md5.h" +#endif + +#if defined(MBEDTLS_RIPEMD160_C) +#include "mbedtls/ripemd160.h" +#endif + +#if defined(MBEDTLS_SHA1_C) +#include "mbedtls/sha1.h" +#endif + +#if defined(MBEDTLS_SHA256_C) +#include "mbedtls/sha256.h" +#endif + +#if defined(MBEDTLS_SHA512_C) +#include "mbedtls/sha512.h" +#endif + +#include "mbedtls/platform_util.h" + +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#include +#define mbedtls_calloc calloc +#define mbedtls_free free +#endif #ifdef __cplusplus extern "C" { #endif +#define MBEDTLS_MD_WRAPPER MBEDTLS_ALWAYS_INLINE static inline + +/* + * Message-digest information macro definition + */ + +/* Dummy definition to keep check-names.sh happy - don't uncomment */ +//#define MBEDTLS_MD_INFO_SHA256 + +/* SHA-256 */ +static inline void mbedtls_md_sha256_init_free_dummy( void* ctx ) +{ + /* Zero-initialization can be skipped. */ + ((void) ctx); +} +#define MBEDTLS_MD_INFO_SHA256_TYPE MBEDTLS_MD_SHA256 +#define MBEDTLS_MD_INFO_SHA256_CTX_TYPE mbedtls_sha256_context +#if defined(MBEDTLS_MD_SINGLE_HASH) && !defined(MBEDTLS_SHA256_ALT) +/* mbedtls_md_sha256_init() only zeroizes, which is redundant + * because mbedtls_md_context is zeroized in mbedtls_md_init(), + * and the mbedtls_sha256_context is embedded in mbedtls_md_context_t. */ +#define MBEDTLS_MD_INFO_SHA256_INIT_FUNC mbedtls_md_sha256_init_free_dummy +#else +#define MBEDTLS_MD_INFO_SHA256_INIT_FUNC mbedtls_sha256_init +#endif /* MBEDTLS_MD_SINGLE_HASH && !MBEDTLS_SHA256_ALT */ +#define MBEDTLS_MD_INFO_SHA256_NAME "SHA256" +#define MBEDTLS_MD_INFO_SHA256_SIZE 32 +#define MBEDTLS_MD_INFO_SHA256_BLOCKSIZE 64 +#define MBEDTLS_MD_INFO_SHA256_STARTS_FUNC mbedtls_sha256_starts_wrap +#define MBEDTLS_MD_INFO_SHA256_UPDATE_FUNC mbedtls_sha224_update_wrap +#define MBEDTLS_MD_INFO_SHA256_FINISH_FUNC mbedtls_sha224_finish_wrap +#define MBEDTLS_MD_INFO_SHA256_DIGEST_FUNC mbedtls_sha256_wrap +#define MBEDTLS_MD_INFO_SHA256_ALLOC_FUNC mbedtls_sha224_ctx_alloc +#if defined(MBEDTLS_MD_SINGLE_HASH) && !defined(MBEDTLS_SHA256_ALT) +/* mbedtls_md_sha256_free() only zeroizes, which is redundant + * because mbedtls_md_context is zeroized in mbedtls_md_init(), + * and the mbedtls_sha256_context is embedded in mbedtls_md_context_t. */ +#define MBEDTLS_MD_INFO_SHA256_FREE_FUNC mbedtls_md_sha256_init_free_dummy +#else +#define MBEDTLS_MD_INFO_SHA256_FREE_FUNC mbedtls_sha224_ctx_free +#endif /* MBEDTLS_MD_SINGLE_HASH && !MBEDTLS_SHA256_ALT */ +#define MBEDTLS_MD_INFO_SHA256_CLONE_FUNC mbedtls_sha224_clone_wrap +#define MBEDTLS_MD_INFO_SHA256_PROCESS_FUNC mbedtls_sha224_process_wrap + +/* + * Helper macros to extract fields from ciphersuites. + */ + +#define MBEDTLS_MD_INFO_CTX_TYPE_T( MD ) MD ## _CTX_TYPE +#define MBEDTLS_MD_INFO_INIT_FUNC_T( MD ) MD ## _INIT_FUNC +#define MBEDTLS_MD_INFO_TYPE_T( MD ) MD ## _TYPE +#define MBEDTLS_MD_INFO_NAME_T( MD ) MD ## _NAME +#define MBEDTLS_MD_INFO_SIZE_T( MD ) MD ## _SIZE +#define MBEDTLS_MD_INFO_BLOCKSIZE_T( MD ) MD ## _BLOCKSIZE +#define MBEDTLS_MD_INFO_STARTS_FUNC_T( MD ) MD ## _STARTS_FUNC +#define MBEDTLS_MD_INFO_UPDATE_FUNC_T( MD ) MD ## _UPDATE_FUNC +#define MBEDTLS_MD_INFO_FINISH_FUNC_T( MD ) MD ## _FINISH_FUNC +#define MBEDTLS_MD_INFO_DIGEST_FUNC_T( MD ) MD ## _DIGEST_FUNC +#define MBEDTLS_MD_INFO_ALLOC_FUNC_T( MD ) MD ## _ALLOC_FUNC +#define MBEDTLS_MD_INFO_FREE_FUNC_T( MD ) MD ## _FREE_FUNC +#define MBEDTLS_MD_INFO_CLONE_FUNC_T( MD ) MD ## _CLONE_FUNC +#define MBEDTLS_MD_INFO_PROCESS_FUNC_T( MD ) MD ## _PROCESS_FUNC + +/* Wrapper around MBEDTLS_MD_INFO_{FIELD}_T() which makes sure that + * the argument is macro-expanded before concatenated with the + * field name. This allows to call these macros as + * MBEDTLS_MD_INFO_{FIELD}( MBEDTLS_MD_SINGLE_HASH ). + * where MBEDTLS_MD_SINGLE_HASH expands to MBEDTLS_MD_INFO_{DIGEST}. */ +#define MBEDTLS_MD_INFO_CTX_TYPE( MD ) MBEDTLS_MD_INFO_CTX_TYPE_T( MD ) +#define MBEDTLS_MD_INFO_INIT_FUNC( MD ) MBEDTLS_MD_INFO_INIT_FUNC_T( MD ) +#define MBEDTLS_MD_INFO_TYPE( MD ) MBEDTLS_MD_INFO_TYPE_T( MD ) +#define MBEDTLS_MD_INFO_NAME( MD ) MBEDTLS_MD_INFO_NAME_T( MD ) +#define MBEDTLS_MD_INFO_SIZE( MD ) MBEDTLS_MD_INFO_SIZE_T( MD ) +#define MBEDTLS_MD_INFO_BLOCKSIZE( MD ) MBEDTLS_MD_INFO_BLOCKSIZE_T( MD ) +#define MBEDTLS_MD_INFO_STARTS_FUNC( MD ) MBEDTLS_MD_INFO_STARTS_FUNC_T( MD ) +#define MBEDTLS_MD_INFO_UPDATE_FUNC( MD ) MBEDTLS_MD_INFO_UPDATE_FUNC_T( MD ) +#define MBEDTLS_MD_INFO_FINISH_FUNC( MD ) MBEDTLS_MD_INFO_FINISH_FUNC_T( MD ) +#define MBEDTLS_MD_INFO_DIGEST_FUNC( MD ) MBEDTLS_MD_INFO_DIGEST_FUNC_T( MD ) +#define MBEDTLS_MD_INFO_ALLOC_FUNC( MD ) MBEDTLS_MD_INFO_ALLOC_FUNC_T( MD ) +#define MBEDTLS_MD_INFO_FREE_FUNC( MD ) MBEDTLS_MD_INFO_FREE_FUNC_T( MD ) +#define MBEDTLS_MD_INFO_CLONE_FUNC( MD ) MBEDTLS_MD_INFO_CLONE_FUNC_T( MD ) +#define MBEDTLS_MD_INFO_PROCESS_FUNC( MD ) MBEDTLS_MD_INFO_PROCESS_FUNC_T( MD ) + /** * Message digest information. * Allows message digest functions to be called in a generic way. */ + +typedef int mbedtls_md_starts_func_t( void *ctx ); +typedef int mbedtls_md_update_func_t( void *ctx, + const unsigned char *input, + size_t ilen ); +typedef int mbedtls_md_finish_func_t( void *ctx, unsigned char *output ); +typedef int mbedtls_md_digest_func_t( const unsigned char *input, + size_t ilen, + unsigned char *output ); +typedef void* mbedtls_md_ctx_alloc_func_t( void ); +typedef void mbedtls_md_ctx_free_func_t( void *ctx ); +typedef void mbedtls_md_clone_func_t( void *st, const void *src ); +typedef int mbedtls_md_process_func_t( void *ctx, + const unsigned char *input ); + +#if !defined(MBEDTLS_MD_SINGLE_HASH) struct mbedtls_md_info_t { /** Digest identifier */ @@ -59,59 +187,672 @@ struct mbedtls_md_info_t int block_size; /** Digest initialisation function */ - int (*starts_func)( void *ctx ); + mbedtls_md_starts_func_t *starts_func; /** Digest update function */ - int (*update_func)( void *ctx, const unsigned char *input, size_t ilen ); + mbedtls_md_update_func_t *update_func; /** Digest finalisation function */ - int (*finish_func)( void *ctx, unsigned char *output ); + mbedtls_md_finish_func_t *finish_func; /** Generic digest function */ - int (*digest_func)( const unsigned char *input, size_t ilen, - unsigned char *output ); + mbedtls_md_digest_func_t *digest_func; /** Allocate a new context */ - void * (*ctx_alloc_func)( void ); + mbedtls_md_ctx_alloc_func_t *ctx_alloc_func; /** Free the given context */ - void (*ctx_free_func)( void *ctx ); + mbedtls_md_ctx_free_func_t *ctx_free_func; /** Clone state from a context */ - void (*clone_func)( void *dst, const void *src ); + mbedtls_md_clone_func_t *clone_func; /** Internal use only */ - int (*process_func)( void *ctx, const unsigned char *input ); + mbedtls_md_process_func_t *process_func; }; +/** + * \brief This macro builds an instance of ::mbedtls_md_info_t + * from an \c MBEDTLS_MD_INFO_XXX identifier. + */ +#define MBEDTLS_MD_INFO( MD ) \ + { MBEDTLS_MD_INFO_TYPE( MD ), \ + MBEDTLS_MD_INFO_NAME( MD ), \ + MBEDTLS_MD_INFO_SIZE( MD ), \ + MBEDTLS_MD_INFO_BLOCKSIZE( MD ), \ + MBEDTLS_MD_INFO_STARTS_FUNC( MD ), \ + MBEDTLS_MD_INFO_UPDATE_FUNC( MD ), \ + MBEDTLS_MD_INFO_FINISH_FUNC( MD ), \ + MBEDTLS_MD_INFO_DIGEST_FUNC( MD ), \ + MBEDTLS_MD_INFO_ALLOC_FUNC( MD ), \ + MBEDTLS_MD_INFO_FREE_FUNC( MD ), \ + MBEDTLS_MD_INFO_CLONE_FUNC( MD ), \ + MBEDTLS_MD_INFO_PROCESS_FUNC( MD ) } + +#endif /* !MBEDTLS_MD_SINGLE_HASH */ + +/* + * + * Definitions of MD information structures for various digests. + * + */ + +/* + * MD-2 + */ + #if defined(MBEDTLS_MD2_C) -extern const mbedtls_md_info_t mbedtls_md2_info; -#endif + +MBEDTLS_MD_WRAPPER int mbedtls_md2_starts_wrap( void *ctx ) +{ + return( mbedtls_md2_starts_ret( (mbedtls_md2_context *) ctx ) ); +} + +MBEDTLS_MD_WRAPPER int mbedtls_md2_update_wrap( void *ctx, const unsigned char *input, + size_t ilen ) +{ + return( mbedtls_md2_update_ret( (mbedtls_md2_context *) ctx, input, ilen ) ); +} + +MBEDTLS_MD_WRAPPER int mbedtls_md2_finish_wrap( void *ctx, unsigned char *output ) +{ + return( mbedtls_md2_finish_ret( (mbedtls_md2_context *) ctx, output ) ); +} + +MBEDTLS_MD_WRAPPER void* mbedtls_md2_ctx_alloc( void ) +{ + void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_md2_context ) ); + + if( ctx != NULL ) + mbedtls_md2_init( (mbedtls_md2_context *) ctx ); + + return( ctx ); +} + +MBEDTLS_MD_WRAPPER void mbedtls_md2_ctx_free( void *ctx ) +{ + mbedtls_md2_free( (mbedtls_md2_context *) ctx ); + mbedtls_free( ctx ); +} + +MBEDTLS_MD_WRAPPER void mbedtls_md2_clone_wrap( void *dst, const void *src ) +{ + mbedtls_md2_clone( (mbedtls_md2_context *) dst, + (const mbedtls_md2_context *) src ); +} + +MBEDTLS_MD_WRAPPER int mbedtls_md2_process_wrap( void *ctx, const unsigned char *data ) +{ + ((void) data); + + return( mbedtls_internal_md2_process( (mbedtls_md2_context *) ctx ) ); +} + +#endif /* MBEDTLS_MD2_C */ + +/* + * MD-4 + */ + #if defined(MBEDTLS_MD4_C) -extern const mbedtls_md_info_t mbedtls_md4_info; -#endif + +MBEDTLS_MD_WRAPPER int mbedtls_md4_starts_wrap( void *ctx ) +{ + return( mbedtls_md4_starts_ret( (mbedtls_md4_context *) ctx ) ); +} + +MBEDTLS_MD_WRAPPER int mbedtls_md4_update_wrap( void *ctx, const unsigned char *input, + size_t ilen ) +{ + return( mbedtls_md4_update_ret( (mbedtls_md4_context *) ctx, input, ilen ) ); +} + +MBEDTLS_MD_WRAPPER int mbedtls_md4_finish_wrap( void *ctx, unsigned char *output ) +{ + return( mbedtls_md4_finish_ret( (mbedtls_md4_context *) ctx, output ) ); +} + +MBEDTLS_MD_WRAPPER void* mbedtls_md4_ctx_alloc( void ) +{ + void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_md4_context ) ); + + if( ctx != NULL ) + mbedtls_md4_init( (mbedtls_md4_context *) ctx ); + + return( ctx ); +} + +MBEDTLS_MD_WRAPPER void mbedtls_md4_ctx_free( void *ctx ) +{ + mbedtls_md4_free( (mbedtls_md4_context *) ctx ); + mbedtls_free( ctx ); +} + +MBEDTLS_MD_WRAPPER void mbedtls_md4_clone_wrap( void *dst, const void *src ) +{ + mbedtls_md4_clone( (mbedtls_md4_context *) dst, + (const mbedtls_md4_context *) src ); +} + +MBEDTLS_MD_WRAPPER int mbedtls_md4_process_wrap( void *ctx, const unsigned char *data ) +{ + return( mbedtls_internal_md4_process( (mbedtls_md4_context *) ctx, data ) ); +} + +#endif /* MBEDTLS_MD4_C */ + +/* + * MD-5 + */ + #if defined(MBEDTLS_MD5_C) -extern const mbedtls_md_info_t mbedtls_md5_info; -#endif + +MBEDTLS_MD_WRAPPER int mbedtls_md5_starts_wrap( void *ctx ) +{ + return( mbedtls_md5_starts_ret( (mbedtls_md5_context *) ctx ) ); +} + +MBEDTLS_MD_WRAPPER int mbedtls_md5_update_wrap( void *ctx, const unsigned char *input, + size_t ilen ) +{ + return( mbedtls_md5_update_ret( (mbedtls_md5_context *) ctx, input, ilen ) ); +} + +MBEDTLS_MD_WRAPPER int mbedtls_md5_finish_wrap( void *ctx, unsigned char *output ) +{ + return( mbedtls_md5_finish_ret( (mbedtls_md5_context *) ctx, output ) ); +} + +MBEDTLS_MD_WRAPPER void* mbedtls_md5_ctx_alloc( void ) +{ + void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_md5_context ) ); + + if( ctx != NULL ) + mbedtls_md5_init( (mbedtls_md5_context *) ctx ); + + return( ctx ); +} + +MBEDTLS_MD_WRAPPER void mbedtls_md5_ctx_free( void *ctx ) +{ + mbedtls_md5_free( (mbedtls_md5_context *) ctx ); + mbedtls_free( ctx ); +} + +MBEDTLS_MD_WRAPPER void mbedtls_md5_clone_wrap( void *dst, const void *src ) +{ + mbedtls_md5_clone( (mbedtls_md5_context *) dst, + (const mbedtls_md5_context *) src ); +} + +MBEDTLS_MD_WRAPPER int mbedtls_md5_process_wrap( void *ctx, const unsigned char *data ) +{ + return( mbedtls_internal_md5_process( (mbedtls_md5_context *) ctx, data ) ); +} + +#endif /* MBEDTLS_MD5_C */ + +/* + * RIPEMD-160 + */ + #if defined(MBEDTLS_RIPEMD160_C) -extern const mbedtls_md_info_t mbedtls_ripemd160_info; -#endif + +MBEDTLS_MD_WRAPPER int mbedtls_ripemd160_starts_wrap( void *ctx ) +{ + return( mbedtls_ripemd160_starts_ret( (mbedtls_ripemd160_context *) ctx ) ); +} + +MBEDTLS_MD_WRAPPER int mbedtls_ripemd160_update_wrap( void *ctx, const unsigned char *input, + size_t ilen ) +{ + return( mbedtls_ripemd160_update_ret( (mbedtls_ripemd160_context *) ctx, + input, ilen ) ); +} + +MBEDTLS_MD_WRAPPER int mbedtls_ripemd160_finish_wrap( void *ctx, unsigned char *output ) +{ + return( mbedtls_ripemd160_finish_ret( (mbedtls_ripemd160_context *) ctx, + output ) ); +} + +MBEDTLS_MD_WRAPPER void* mbedtls_ripemd160_ctx_alloc( void ) +{ + void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ripemd160_context ) ); + + if( ctx != NULL ) + mbedtls_ripemd160_init( (mbedtls_ripemd160_context *) ctx ); + + return( ctx ); +} + +MBEDTLS_MD_WRAPPER void mbedtls_ripemd160_ctx_free( void *ctx ) +{ + mbedtls_ripemd160_free( (mbedtls_ripemd160_context *) ctx ); + mbedtls_free( ctx ); +} + +MBEDTLS_MD_WRAPPER void mbedtls_ripemd160_clone_wrap( void *dst, const void *src ) +{ + mbedtls_ripemd160_clone( (mbedtls_ripemd160_context *) dst, + (const mbedtls_ripemd160_context *) src ); +} + +MBEDTLS_MD_WRAPPER int mbedtls_ripemd160_process_wrap( void *ctx, const unsigned char *data ) +{ + return( mbedtls_internal_ripemd160_process( + (mbedtls_ripemd160_context *) ctx, data ) ); +} + +#endif /* MBEDTLS_RIPEMD160_C */ + +/* + * SHA-1 + */ + #if defined(MBEDTLS_SHA1_C) -extern const mbedtls_md_info_t mbedtls_sha1_info; -#endif + +MBEDTLS_MD_WRAPPER int mbedtls_sha1_starts_wrap( void *ctx ) +{ + return( mbedtls_sha1_starts_ret( (mbedtls_sha1_context *) ctx ) ); +} + +MBEDTLS_MD_WRAPPER int mbedtls_sha1_update_wrap( void *ctx, const unsigned char *input, + size_t ilen ) +{ + return( mbedtls_sha1_update_ret( (mbedtls_sha1_context *) ctx, + input, ilen ) ); +} + +MBEDTLS_MD_WRAPPER int mbedtls_sha1_finish_wrap( void *ctx, unsigned char *output ) +{ + return( mbedtls_sha1_finish_ret( (mbedtls_sha1_context *) ctx, output ) ); +} + +MBEDTLS_MD_WRAPPER void* mbedtls_sha1_ctx_alloc( void ) +{ + void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_sha1_context ) ); + + if( ctx != NULL ) + mbedtls_sha1_init( (mbedtls_sha1_context *) ctx ); + + return( ctx ); +} + +MBEDTLS_MD_WRAPPER void mbedtls_sha1_clone_wrap( void *dst, const void *src ) +{ + mbedtls_sha1_clone( (mbedtls_sha1_context *) dst, + (const mbedtls_sha1_context *) src ); +} + +MBEDTLS_MD_WRAPPER void mbedtls_sha1_ctx_free( void *ctx ) +{ + mbedtls_sha1_free( (mbedtls_sha1_context *) ctx ); + mbedtls_free( ctx ); +} + +MBEDTLS_MD_WRAPPER int mbedtls_sha1_process_wrap( void *ctx, const unsigned char *data ) +{ + return( mbedtls_internal_sha1_process( (mbedtls_sha1_context *) ctx, + data ) ); +} + +#endif /* MBEDTLS_SHA1_C */ + +/* + * SHA-224 and SHA-256 + */ + #if defined(MBEDTLS_SHA256_C) + #if !defined(MBEDTLS_SHA256_NO_SHA224) -extern const mbedtls_md_info_t mbedtls_sha224_info; -#endif -extern const mbedtls_md_info_t mbedtls_sha256_info; -#endif +MBEDTLS_MD_WRAPPER int mbedtls_sha224_starts_wrap( void *ctx ) +{ + return( mbedtls_sha256_starts_ret( (mbedtls_sha256_context *) ctx, 1 ) ); +} +#endif /* !MBEDTLS_SHA256_NO_SHA224 */ + +MBEDTLS_MD_WRAPPER int mbedtls_sha224_update_wrap( void *ctx, const unsigned char *input, + size_t ilen ) +{ + return( mbedtls_sha256_update_ret( (mbedtls_sha256_context *) ctx, + input, ilen ) ); +} + +MBEDTLS_MD_WRAPPER int mbedtls_sha224_finish_wrap( void *ctx, unsigned char *output ) +{ + return( mbedtls_sha256_finish_ret( (mbedtls_sha256_context *) ctx, + output ) ); +} + +#if !defined(MBEDTLS_SHA256_NO_SHA224) +MBEDTLS_MD_WRAPPER int mbedtls_sha224_wrap( const unsigned char *input, size_t ilen, + unsigned char *output ) +{ + return( mbedtls_sha256_ret( input, ilen, output, 1 ) ); +} +#endif /* !MBEDTLS_SHA256_NO_SHA224 */ + +MBEDTLS_MD_WRAPPER void* mbedtls_sha224_ctx_alloc( void ) +{ + void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_sha256_context ) ); + + if( ctx != NULL ) + mbedtls_sha256_init( (mbedtls_sha256_context *) ctx ); + + return( ctx ); +} + +MBEDTLS_MD_WRAPPER void mbedtls_sha224_ctx_free( void *ctx ) +{ + mbedtls_sha256_free( (mbedtls_sha256_context *) ctx ); + mbedtls_free( ctx ); +} + +MBEDTLS_MD_WRAPPER void mbedtls_sha224_clone_wrap( void *dst, const void *src ) +{ + mbedtls_sha256_clone( (mbedtls_sha256_context *) dst, + (const mbedtls_sha256_context *) src ); +} + +MBEDTLS_MD_WRAPPER int mbedtls_sha224_process_wrap( void *ctx, const unsigned char *data ) +{ + return( mbedtls_internal_sha256_process( (mbedtls_sha256_context *) ctx, + data ) ); +} + +MBEDTLS_MD_WRAPPER int mbedtls_sha256_starts_wrap( void *ctx ) +{ + return( mbedtls_sha256_starts_ret( (mbedtls_sha256_context *) ctx, 0 ) ); +} + +MBEDTLS_MD_WRAPPER int mbedtls_sha256_wrap( const unsigned char *input, size_t ilen, + unsigned char *output ) +{ + return( mbedtls_sha256_ret( input, ilen, output, 0 ) ); +} + +#endif /* MBEDTLS_SHA256_C */ + +/* + * SHA-384 and SHA-512 + */ + #if defined(MBEDTLS_SHA512_C) -extern const mbedtls_md_info_t mbedtls_sha384_info; -extern const mbedtls_md_info_t mbedtls_sha512_info; -#endif + +MBEDTLS_MD_WRAPPER int mbedtls_sha384_starts_wrap( void *ctx ) +{ + return( mbedtls_sha512_starts_ret( (mbedtls_sha512_context *) ctx, 1 ) ); +} + +MBEDTLS_MD_WRAPPER int mbedtls_sha384_update_wrap( void *ctx, const unsigned char *input, + size_t ilen ) +{ + return( mbedtls_sha512_update_ret( (mbedtls_sha512_context *) ctx, + input, ilen ) ); +} + +MBEDTLS_MD_WRAPPER int mbedtls_sha384_finish_wrap( void *ctx, unsigned char *output ) +{ + return( mbedtls_sha512_finish_ret( (mbedtls_sha512_context *) ctx, + output ) ); +} + +MBEDTLS_MD_WRAPPER int mbedtls_sha384_wrap( const unsigned char *input, size_t ilen, + unsigned char *output ) +{ + return( mbedtls_sha512_ret( input, ilen, output, 1 ) ); +} + +MBEDTLS_MD_WRAPPER void* mbedtls_sha384_ctx_alloc( void ) +{ + void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_sha512_context ) ); + + if( ctx != NULL ) + mbedtls_sha512_init( (mbedtls_sha512_context *) ctx ); + + return( ctx ); +} + +MBEDTLS_MD_WRAPPER void mbedtls_sha384_ctx_free( void *ctx ) +{ + mbedtls_sha512_free( (mbedtls_sha512_context *) ctx ); + mbedtls_free( ctx ); +} + +MBEDTLS_MD_WRAPPER void mbedtls_sha384_clone_wrap( void *dst, const void *src ) +{ + mbedtls_sha512_clone( (mbedtls_sha512_context *) dst, + (const mbedtls_sha512_context *) src ); +} + +MBEDTLS_MD_WRAPPER int mbedtls_sha384_process_wrap( void *ctx, const unsigned char *data ) +{ + return( mbedtls_internal_sha512_process( (mbedtls_sha512_context *) ctx, + data ) ); +} + +MBEDTLS_MD_WRAPPER int mbedtls_sha512_starts_wrap( void *ctx ) +{ + return( mbedtls_sha512_starts_ret( (mbedtls_sha512_context *) ctx, 0 ) ); +} + +MBEDTLS_MD_WRAPPER int mbedtls_sha512_wrap( const unsigned char *input, size_t ilen, + unsigned char *output ) +{ + return( mbedtls_sha512_ret( input, ilen, output, 0 ) ); +} + +#endif /* MBEDTLS_SHA512_C */ + +/* + * Getter functions for MD info structure. + */ + +#if !defined(MBEDTLS_MD_SINGLE_HASH) + +MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_type_t mbedtls_md_info_type( + mbedtls_md_handle_t info ) +{ + return( info->type ); +} + +MBEDTLS_ALWAYS_INLINE static inline const char * mbedtls_md_info_name( + mbedtls_md_handle_t info ) +{ + return( info->name ); +} + +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_size( + mbedtls_md_handle_t info ) +{ + return( info->size ); +} + +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_block_size( + mbedtls_md_handle_t info ) +{ + return( info->block_size ); +} + +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_starts( + mbedtls_md_handle_t info, + void *ctx ) +{ + return( info->starts_func( ctx ) ); +} + +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_update( + mbedtls_md_handle_t info, + void *ctx, + const unsigned char *input, + size_t ilen ) +{ + return( info->update_func( ctx, input, ilen ) ); +} + +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_finish( + mbedtls_md_handle_t info, + void *ctx, + unsigned char *output ) +{ + return( info->finish_func( ctx, output ) ); +} + +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_digest( + mbedtls_md_handle_t info, + const unsigned char *input, + size_t ilen, + unsigned char *output ) +{ + return( info->digest_func( input, ilen, output ) ); +} + +MBEDTLS_ALWAYS_INLINE static inline void* mbedtls_md_info_ctx_alloc( + mbedtls_md_handle_t info ) +{ + return( info->ctx_alloc_func() ); +} + +MBEDTLS_ALWAYS_INLINE static inline void mbedtls_md_info_ctx_free( + mbedtls_md_handle_t info, + void *ctx ) +{ + info->ctx_free_func( ctx ); +} + +MBEDTLS_ALWAYS_INLINE static inline void mbedtls_md_info_clone( + mbedtls_md_handle_t info, + void *dst, + const void *src ) +{ + info->clone_func( dst, src ); +} + +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_process( + mbedtls_md_handle_t info, + void *ctx, + const unsigned char *input ) +{ + return( info->process_func( ctx, input ) ); +} + +#else /* !MBEDTLS_MD_SINGLE_HASH */ + +MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_type_t mbedtls_md_info_type( + mbedtls_md_handle_t info ) +{ + ((void) info); + return( MBEDTLS_MD_INFO_TYPE( MBEDTLS_MD_SINGLE_HASH ) ); +} + +MBEDTLS_ALWAYS_INLINE static inline const char * mbedtls_md_info_name( + mbedtls_md_handle_t info ) +{ + ((void) info); + return( MBEDTLS_MD_INFO_NAME( MBEDTLS_MD_SINGLE_HASH ) ); +} + +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_size( + mbedtls_md_handle_t info ) +{ + ((void) info); + return( MBEDTLS_MD_INFO_SIZE( MBEDTLS_MD_SINGLE_HASH ) ); +} + +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_block_size( + mbedtls_md_handle_t info ) +{ + ((void) info); + return( MBEDTLS_MD_INFO_BLOCKSIZE( MBEDTLS_MD_SINGLE_HASH ) ); +} + +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_starts( + mbedtls_md_handle_t info, + void *ctx ) +{ + ((void) info); + return( MBEDTLS_MD_INFO_STARTS_FUNC( MBEDTLS_MD_SINGLE_HASH )( ctx ) ); +} + +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_update( + mbedtls_md_handle_t info, + void *ctx, + const unsigned char *input, + size_t ilen ) +{ + ((void) info); + return( MBEDTLS_MD_INFO_UPDATE_FUNC( MBEDTLS_MD_SINGLE_HASH ) + ( ctx, input, ilen ) ); +} + +MBEDTLS_ALWAYS_INLINE static inline void mbedtls_md_info_init( + mbedtls_md_handle_t info, + void *ctx ) +{ + ((void) info); + MBEDTLS_MD_INFO_INIT_FUNC( MBEDTLS_MD_SINGLE_HASH )( ctx ); +} + +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_finish( + mbedtls_md_handle_t info, + void *ctx, + unsigned char *output ) +{ + ((void) info); + return( MBEDTLS_MD_INFO_FINISH_FUNC( MBEDTLS_MD_SINGLE_HASH ) + ( ctx, output ) ); +} + +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_digest( + mbedtls_md_handle_t info, + const unsigned char *input, + size_t ilen, + unsigned char *output ) +{ + ((void) info); + return( MBEDTLS_MD_INFO_DIGEST_FUNC( MBEDTLS_MD_SINGLE_HASH ) + ( input, ilen, output ) ); +} + +MBEDTLS_ALWAYS_INLINE static inline void* mbedtls_md_info_ctx_alloc( + mbedtls_md_handle_t info ) +{ + ((void) info); + return( MBEDTLS_MD_INFO_ALLOC_FUNC( MBEDTLS_MD_SINGLE_HASH )() ); +} + +MBEDTLS_ALWAYS_INLINE static inline void mbedtls_md_info_ctx_free( + mbedtls_md_handle_t info, + void *ctx ) +{ + ((void) info); + MBEDTLS_MD_INFO_FREE_FUNC( MBEDTLS_MD_SINGLE_HASH )( ctx ); +} + +MBEDTLS_ALWAYS_INLINE static inline void mbedtls_md_info_clone( + mbedtls_md_handle_t info, + void *dst, + const void *src ) +{ + ((void) info); + MBEDTLS_MD_INFO_CLONE_FUNC( MBEDTLS_MD_SINGLE_HASH )( dst, src ); +} + +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_process( + mbedtls_md_handle_t info, + void *ctx, + const unsigned char *input ) +{ + ((void) info); + return( MBEDTLS_MD_INFO_PROCESS_FUNC( MBEDTLS_MD_SINGLE_HASH ) + ( ctx, input ) ); +} + +#endif /* MBEDTLS_MD_SINGLE_HASH */ #ifdef __cplusplus } #endif -#endif /* MBEDTLS_MD_WRAP_H */ +#endif /* MBEDTLS_MD_INTERNAL_H */ diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 461843b05..bb975cd35 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -38,7 +38,6 @@ set(src_crypto md2.c md4.c md5.c - md_wrap.c memory_buffer_alloc.c nist_kw.c oid.c diff --git a/library/Makefile b/library/Makefile index 50faed9ca..062846b7b 100644 --- a/library/Makefile +++ b/library/Makefile @@ -77,7 +77,7 @@ OBJS_CRYPTO= aes.o aesni.o arc4.o \ error.o gcm.o havege.o \ hkdf.o \ hmac_drbg.o md.o md2.o \ - md4.o md5.o md_wrap.o \ + md4.o md5.o \ memory_buffer_alloc.o nist_kw.o \ oid.o padlock.o pem.o \ pk.o pk_wrap.o pkcs12.o \ diff --git a/library/ecdsa.c b/library/ecdsa.c index 58e1a5fce..94bb7f0f4 100644 --- a/library/ecdsa.c +++ b/library/ecdsa.c @@ -412,11 +412,14 @@ static int ecdsa_sign_det_restartable( mbedtls_ecp_group *grp, mbedtls_hmac_drbg_context *p_rng = &rng_ctx; unsigned char data[2 * MBEDTLS_ECP_MAX_BYTES]; size_t grp_len = ( grp->nbits + 7 ) / 8; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_mpi h; - if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == NULL ) + if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == + MBEDTLS_MD_INVALID_HANDLE ) + { return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + } mbedtls_mpi_init( &h ); mbedtls_hmac_drbg_init( &rng_ctx ); diff --git a/library/ecjpake.c b/library/ecjpake.c index b276514e8..ea28e6d42 100644 --- a/library/ecjpake.c +++ b/library/ecjpake.c @@ -63,7 +63,7 @@ void mbedtls_ecjpake_init( mbedtls_ecjpake_context *ctx ) { ECJPAKE_VALIDATE( ctx != NULL ); - ctx->md_info = NULL; + ctx->md_info = MBEDTLS_MD_INVALID_HANDLE; mbedtls_ecp_group_init( &ctx->grp ); ctx->point_format = MBEDTLS_ECP_PF_UNCOMPRESSED; @@ -86,7 +86,7 @@ void mbedtls_ecjpake_free( mbedtls_ecjpake_context *ctx ) if( ctx == NULL ) return; - ctx->md_info = NULL; + ctx->md_info = MBEDTLS_MD_INVALID_HANDLE; mbedtls_ecp_group_free( &ctx->grp ); mbedtls_ecp_point_free( &ctx->Xm1 ); @@ -119,8 +119,11 @@ int mbedtls_ecjpake_setup( mbedtls_ecjpake_context *ctx, ctx->role = role; - if( ( ctx->md_info = mbedtls_md_info_from_type( hash ) ) == NULL ) + if( ( ctx->md_info = mbedtls_md_info_from_type( hash ) ) == + MBEDTLS_MD_INVALID_HANDLE ) + { return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE ); + } MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &ctx->grp, curve ) ); @@ -140,7 +143,7 @@ int mbedtls_ecjpake_check( const mbedtls_ecjpake_context *ctx ) { ECJPAKE_VALIDATE_RET( ctx != NULL ); - if( ctx->md_info == NULL || + if( ctx->md_info == MBEDTLS_MD_INVALID_HANDLE || ctx->grp.id == MBEDTLS_ECP_DP_NONE || ctx->s.p == NULL ) { @@ -190,7 +193,7 @@ static int ecjpake_write_len_point( unsigned char **p, /* * Compute hash for ZKP (7.4.2.2.2.1) */ -static int ecjpake_hash( const mbedtls_md_info_t *md_info, +static int ecjpake_hash( mbedtls_md_handle_t md_info, const mbedtls_ecp_group *grp, const int pf, const mbedtls_ecp_point *G, @@ -240,7 +243,7 @@ cleanup: /* * Parse a ECShnorrZKP (7.4.2.2.2) and verify it (7.4.2.3.3) */ -static int ecjpake_zkp_read( const mbedtls_md_info_t *md_info, +static int ecjpake_zkp_read( mbedtls_md_handle_t md_info, const mbedtls_ecp_group *grp, const int pf, const mbedtls_ecp_point *G, @@ -312,7 +315,7 @@ cleanup: /* * Generate ZKP (7.4.2.3.2) and write it as ECSchnorrZKP (7.4.2.2.2) */ -static int ecjpake_zkp_write( const mbedtls_md_info_t *md_info, +static int ecjpake_zkp_write( mbedtls_md_handle_t md_info, const mbedtls_ecp_group *grp, const int pf, const mbedtls_ecp_point *G, @@ -373,7 +376,7 @@ cleanup: * Parse a ECJPAKEKeyKP (7.4.2.2.1) and check proof * Output: verified public key X */ -static int ecjpake_kkp_read( const mbedtls_md_info_t *md_info, +static int ecjpake_kkp_read( mbedtls_md_handle_t md_info, const mbedtls_ecp_group *grp, const int pf, const mbedtls_ecp_point *G, @@ -410,7 +413,7 @@ cleanup: * Generate an ECJPAKEKeyKP * Output: the serialized structure, plus private/public key pair */ -static int ecjpake_kkp_write( const mbedtls_md_info_t *md_info, +static int ecjpake_kkp_write( mbedtls_md_handle_t md_info, const mbedtls_ecp_group *grp, const int pf, const mbedtls_ecp_point *G, @@ -447,7 +450,7 @@ cleanup: * Read a ECJPAKEKeyKPPairList (7.4.2.3) and check proofs * Ouputs: verified peer public keys Xa, Xb */ -static int ecjpake_kkpp_read( const mbedtls_md_info_t *md_info, +static int ecjpake_kkpp_read( mbedtls_md_handle_t md_info, const mbedtls_ecp_group *grp, const int pf, const mbedtls_ecp_point *G, @@ -480,7 +483,7 @@ cleanup: * Generate a ECJPAKEKeyKPPairList * Outputs: the serialized structure, plus two private/public key pairs */ -static int ecjpake_kkpp_write( const mbedtls_md_info_t *md_info, +static int ecjpake_kkpp_write( mbedtls_md_handle_t md_info, const mbedtls_ecp_group *grp, const int pf, const mbedtls_ecp_point *G, diff --git a/library/hkdf.c b/library/hkdf.c index 82d8a429f..d64dc4da1 100644 --- a/library/hkdf.c +++ b/library/hkdf.c @@ -30,7 +30,7 @@ #include "mbedtls/hkdf.h" #include "mbedtls/platform_util.h" -int mbedtls_hkdf( const mbedtls_md_info_t *md, const unsigned char *salt, +int mbedtls_hkdf( mbedtls_md_handle_t md, const unsigned char *salt, size_t salt_len, const unsigned char *ikm, size_t ikm_len, const unsigned char *info, size_t info_len, unsigned char *okm, size_t okm_len ) @@ -51,7 +51,7 @@ int mbedtls_hkdf( const mbedtls_md_info_t *md, const unsigned char *salt, return( ret ); } -int mbedtls_hkdf_extract( const mbedtls_md_info_t *md, +int mbedtls_hkdf_extract( mbedtls_md_handle_t md, const unsigned char *salt, size_t salt_len, const unsigned char *ikm, size_t ikm_len, unsigned char *prk ) @@ -81,7 +81,7 @@ int mbedtls_hkdf_extract( const mbedtls_md_info_t *md, return( mbedtls_md_hmac( md, salt, salt_len, ikm, ikm_len, prk ) ); } -int mbedtls_hkdf_expand( const mbedtls_md_info_t *md, const unsigned char *prk, +int mbedtls_hkdf_expand( mbedtls_md_handle_t md, const unsigned char *prk, size_t prk_len, const unsigned char *info, size_t info_len, unsigned char *okm, size_t okm_len ) { diff --git a/library/hmac_drbg.c b/library/hmac_drbg.c index 34f18155e..b51e9b18d 100644 --- a/library/hmac_drbg.c +++ b/library/hmac_drbg.c @@ -70,7 +70,8 @@ int mbedtls_hmac_drbg_update_ret( mbedtls_hmac_drbg_context *ctx, const unsigned char *additional, size_t add_len ) { - size_t md_len = mbedtls_md_get_size( ctx->md_ctx.md_info ); + size_t md_len = mbedtls_md_get_size( + mbedtls_md_get_handle( &ctx->md_ctx ) ); unsigned char rounds = ( additional != NULL && add_len != 0 ) ? 2 : 1; unsigned char sep[1]; unsigned char K[MBEDTLS_MD_MAX_SIZE]; @@ -124,7 +125,7 @@ void mbedtls_hmac_drbg_update( mbedtls_hmac_drbg_context *ctx, * Simplified HMAC_DRBG initialisation (for use with deterministic ECDSA) */ int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx, - const mbedtls_md_info_t * md_info, + mbedtls_md_handle_t md_info, const unsigned char *data, size_t data_len ) { int ret; @@ -246,7 +247,7 @@ int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx, * from the entropy source as suggested in 8.6.7. */ int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx, - const mbedtls_md_info_t * md_info, + mbedtls_md_handle_t md_info, int (*f_entropy)(void *, unsigned char *, size_t), void *p_entropy, const unsigned char *custom, @@ -329,7 +330,8 @@ int mbedtls_hmac_drbg_random_with_add( void *p_rng, { int ret; mbedtls_hmac_drbg_context *ctx = (mbedtls_hmac_drbg_context *) p_rng; - size_t md_len = mbedtls_md_get_size( ctx->md_ctx.md_info ); + size_t md_len = mbedtls_md_get_size( + mbedtls_md_get_handle( &ctx->md_ctx ) ); size_t left = out_len; unsigned char *out = output; @@ -564,7 +566,7 @@ int mbedtls_hmac_drbg_self_test( int verbose ) { mbedtls_hmac_drbg_context ctx; unsigned char buf[OUTPUT_LEN]; - const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ); + mbedtls_md_handle_t md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ); mbedtls_hmac_drbg_init( &ctx ); diff --git a/library/md.c b/library/md.c index b3525be3f..882942e13 100644 --- a/library/md.c +++ b/library/md.c @@ -32,7 +32,6 @@ #if defined(MBEDTLS_MD_C) #include "mbedtls/md.h" -#include "mbedtls/md_internal.h" #include "mbedtls/platform_util.h" #if defined(MBEDTLS_PLATFORM_C) @@ -49,6 +48,177 @@ #include #endif +#if !defined(MBEDTLS_MD_SINGLE_HASH) +/* + * + * Definitions of MD information structures for various digests. + * + */ + +/* + * MD-2 + */ +#if defined(MBEDTLS_MD2_C) +static const mbedtls_md_info_t mbedtls_md2_info = { + MBEDTLS_MD_MD2, + "MD2", + 16, + 16, + mbedtls_md2_starts_wrap, + mbedtls_md2_update_wrap, + mbedtls_md2_finish_wrap, + mbedtls_md2_ret, + mbedtls_md2_ctx_alloc, + mbedtls_md2_ctx_free, + mbedtls_md2_clone_wrap, + mbedtls_md2_process_wrap, +}; +#endif /* MBEDTLS_MD2_C */ + +/* + * MD-4 + */ + +#if defined(MBEDTLS_MD4_C) +static const mbedtls_md_info_t mbedtls_md4_info = { + MBEDTLS_MD_MD4, + "MD4", + 16, + 64, + mbedtls_md4_starts_wrap, + mbedtls_md4_update_wrap, + mbedtls_md4_finish_wrap, + mbedtls_md4_ret, + mbedtls_md4_ctx_alloc, + mbedtls_md4_ctx_free, + mbedtls_md4_clone_wrap, + mbedtls_md4_process_wrap, +}; +#endif /* MBEDTLS_MD4_C */ + +/* + * MD-5 + */ + +#if defined(MBEDTLS_MD5_C) +static const mbedtls_md_info_t mbedtls_md5_info = { + MBEDTLS_MD_MD5, + "MD5", + 16, + 64, + mbedtls_md5_starts_wrap, + mbedtls_md5_update_wrap, + mbedtls_md5_finish_wrap, + mbedtls_md5_ret, + mbedtls_md5_ctx_alloc, + mbedtls_md5_ctx_free, + mbedtls_md5_clone_wrap, + mbedtls_md5_process_wrap, +}; +#endif /* MBEDTLS_MD5_C */ + +/* + * RIPEMD-160 + */ + +#if defined(MBEDTLS_RIPEMD160_C) +static const mbedtls_md_info_t mbedtls_ripemd160_info = { + MBEDTLS_MD_RIPEMD160, + "RIPEMD160", + 20, + 64, + mbedtls_ripemd160_starts_wrap, + mbedtls_ripemd160_update_wrap, + mbedtls_ripemd160_finish_wrap, + mbedtls_ripemd160_ret, + mbedtls_ripemd160_ctx_alloc, + mbedtls_ripemd160_ctx_free, + mbedtls_ripemd160_clone_wrap, + mbedtls_ripemd160_process_wrap, +}; +#endif /* MBEDTLS_RIPEMD160_C */ + +/* + * SHA-1 + */ + +#if defined(MBEDTLS_SHA1_C) +static const mbedtls_md_info_t mbedtls_sha1_info = { + MBEDTLS_MD_SHA1, + "SHA1", + 20, + 64, + mbedtls_sha1_starts_wrap, + mbedtls_sha1_update_wrap, + mbedtls_sha1_finish_wrap, + mbedtls_sha1_ret, + mbedtls_sha1_ctx_alloc, + mbedtls_sha1_ctx_free, + mbedtls_sha1_clone_wrap, + mbedtls_sha1_process_wrap, +}; +#endif /* MBEDTLS_SHA1_C */ + +/* + * SHA-224 and SHA-256 + */ + +#if defined(MBEDTLS_SHA256_C) +#if !defined(MBEDTLS_SHA256_NO_SHA224) +static const mbedtls_md_info_t mbedtls_sha224_info = { + MBEDTLS_MD_SHA224, + "SHA224", + 28, + 64, + mbedtls_sha224_starts_wrap, + mbedtls_sha224_update_wrap, + mbedtls_sha224_finish_wrap, + mbedtls_sha224_wrap, + mbedtls_sha224_ctx_alloc, + mbedtls_sha224_ctx_free, + mbedtls_sha224_clone_wrap, + mbedtls_sha224_process_wrap, +}; +#endif /* !MBEDTLS_SHA256_NO_SHA224 */ +static const mbedtls_md_info_t mbedtls_sha256_info = + MBEDTLS_MD_INFO( MBEDTLS_MD_INFO_SHA256 ); +#endif /* MBEDTLS_SHA256_C */ + +/* + * SHA-384 and SHA-512 + */ + +#if defined(MBEDTLS_SHA512_C) +static const mbedtls_md_info_t mbedtls_sha384_info = { + MBEDTLS_MD_SHA384, + "SHA384", + 48, + 128, + mbedtls_sha384_starts_wrap, + mbedtls_sha384_update_wrap, + mbedtls_sha384_finish_wrap, + mbedtls_sha384_wrap, + mbedtls_sha384_ctx_alloc, + mbedtls_sha384_ctx_free, + mbedtls_sha384_clone_wrap, + mbedtls_sha384_process_wrap, +}; +static const mbedtls_md_info_t mbedtls_sha512_info = { + MBEDTLS_MD_SHA512, + "SHA512", + 64, + 128, + mbedtls_sha512_starts_wrap, + mbedtls_sha384_update_wrap, + mbedtls_sha384_finish_wrap, + mbedtls_sha512_wrap, + mbedtls_sha384_ctx_alloc, + mbedtls_sha384_ctx_free, + mbedtls_sha384_clone_wrap, + mbedtls_sha384_process_wrap, +}; +#endif /* MBEDTLS_SHA512_C */ + /* * Reminder: update profiles in x509_crt.c when adding a new hash! */ @@ -94,7 +264,7 @@ const int *mbedtls_md_list( void ) return( supported_digests ); } -const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name ) +mbedtls_md_handle_t mbedtls_md_info_from_string( const char *md_name ) { if( NULL == md_name ) return( NULL ); @@ -137,7 +307,7 @@ const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name ) return( NULL ); } -const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type ) +mbedtls_md_handle_t mbedtls_md_info_from_type( mbedtls_md_type_t md_type ) { switch( md_type ) { @@ -180,25 +350,69 @@ const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type ) } } +#else /* MBEDTLS_MD_SINGLE_HASH */ + +const int *mbedtls_md_list( void ) +{ + static int single_hash[2] = + { MBEDTLS_MD_INFO_TYPE( MBEDTLS_MD_SINGLE_HASH ), + MBEDTLS_MD_INVALID_HANDLE }; + + return( single_hash ); +} + +mbedtls_md_handle_t mbedtls_md_info_from_string( const char *md_name ) +{ + static const char * const hash_name = + MBEDTLS_MD_INFO_NAME( MBEDTLS_MD_SINGLE_HASH ); + + if( md_name != NULL && strcmp( hash_name, md_name ) == 0 ) + return( MBEDTLS_MD_UNIQUE_VALID_HANDLE ); + + return( MBEDTLS_MD_INVALID_HANDLE ); +} + +mbedtls_md_handle_t mbedtls_md_info_from_type( mbedtls_md_type_t md_type ) +{ + static const mbedtls_md_type_t hash_type = + MBEDTLS_MD_INFO_TYPE( MBEDTLS_MD_SINGLE_HASH ); + + if( hash_type == md_type ) + return( MBEDTLS_MD_UNIQUE_VALID_HANDLE ); + + return( MBEDTLS_MD_INVALID_HANDLE ); +} + +#endif /* MBEDTLS_MD_SINGLE_HASH */ + void mbedtls_md_init( mbedtls_md_context_t *ctx ) { memset( ctx, 0, sizeof( mbedtls_md_context_t ) ); + +#if defined(MBEDTLS_MD_SINGLE_HASH) + mbedtls_md_info_init( mbedtls_md_get_handle( ctx ), + ctx->md_ctx ); +#endif } void mbedtls_md_free( mbedtls_md_context_t *ctx ) { - if( ctx == NULL || ctx->md_info == NULL ) + if( ctx == NULL || mbedtls_md_get_handle( ctx ) == MBEDTLS_MD_INVALID_HANDLE ) return; +#if !defined(MBEDTLS_MD_SINGLE_HASH) if( ctx->md_ctx != NULL ) - ctx->md_info->ctx_free_func( ctx->md_ctx ); + { + mbedtls_md_info_ctx_free( mbedtls_md_get_handle( ctx ), ctx->md_ctx ); + } if( ctx->hmac_ctx != NULL ) { mbedtls_platform_zeroize( ctx->hmac_ctx, - 2 * ctx->md_info->block_size ); + 2 * mbedtls_md_info_block_size( mbedtls_md_get_handle( ctx ) ) ); mbedtls_free( ctx->hmac_ctx ); } +#endif /* MBEDTLS_MD_SINGLE_HASH */ mbedtls_platform_zeroize( ctx, sizeof( mbedtls_md_context_t ) ); } @@ -206,83 +420,57 @@ void mbedtls_md_free( mbedtls_md_context_t *ctx ) int mbedtls_md_clone( mbedtls_md_context_t *dst, const mbedtls_md_context_t *src ) { - if( dst == NULL || dst->md_info == NULL || - src == NULL || src->md_info == NULL || - dst->md_info != src->md_info ) + if( dst == NULL || mbedtls_md_get_handle( dst ) == MBEDTLS_MD_INVALID_HANDLE || + src == NULL || mbedtls_md_get_handle( src ) == MBEDTLS_MD_INVALID_HANDLE || + mbedtls_md_get_handle( dst ) != mbedtls_md_get_handle( src ) ) { return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); } - dst->md_info->clone_func( dst->md_ctx, src->md_ctx ); - + mbedtls_md_info_clone( mbedtls_md_get_handle( dst ), + dst->md_ctx, src->md_ctx ); return( 0 ); } #if ! defined(MBEDTLS_DEPRECATED_REMOVED) -int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info ) +int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, mbedtls_md_handle_t md_info ) { return mbedtls_md_setup( ctx, md_info, 1 ); } #endif -int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac ) +#if !defined(MBEDTLS_MD_SINGLE_HASH) +int mbedtls_md_setup( mbedtls_md_context_t *ctx, mbedtls_md_handle_t md_info, int hmac ) { - if( md_info == NULL || ctx == NULL ) - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - - if( ( ctx->md_ctx = md_info->ctx_alloc_func() ) == NULL ) - return( MBEDTLS_ERR_MD_ALLOC_FAILED ); - - if( hmac != 0 ) - { - ctx->hmac_ctx = mbedtls_calloc( 2, md_info->block_size ); - if( ctx->hmac_ctx == NULL ) - { - md_info->ctx_free_func( ctx->md_ctx ); - return( MBEDTLS_ERR_MD_ALLOC_FAILED ); - } - } - - ctx->md_info = md_info; - - return( 0 ); + return( mbedtls_md_setup_internal( ctx, md_info, hmac ) ); } int mbedtls_md_starts( mbedtls_md_context_t *ctx ) { - if( ctx == NULL || ctx->md_info == NULL ) - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - - return( ctx->md_info->starts_func( ctx->md_ctx ) ); + return( mbedtls_md_starts_internal( ctx ) ); } -int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen ) +int mbedtls_md_update( mbedtls_md_context_t *ctx, + const unsigned char *input, + size_t ilen ) { - if( ctx == NULL || ctx->md_info == NULL ) - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - - return( ctx->md_info->update_func( ctx->md_ctx, input, ilen ) ); + return( mbedtls_md_update_internal( ctx, input, ilen ) ); } int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output ) { - if( ctx == NULL || ctx->md_info == NULL ) - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - - return( ctx->md_info->finish_func( ctx->md_ctx, output ) ); + return( mbedtls_md_finish_internal( ctx, output ) ); } -int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen, +int mbedtls_md( mbedtls_md_handle_t md_info, const unsigned char *input, size_t ilen, unsigned char *output ) { - if( md_info == NULL ) - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - - return( md_info->digest_func( input, ilen, output ) ); + return( mbedtls_md_internal( md_info, input, ilen, output ) ); } +#endif /* !MBEDTLS_MD_SINGLE_HASH */ #if defined(MBEDTLS_FS_IO) -int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, unsigned char *output ) +int mbedtls_md_file( mbedtls_md_handle_t md_info, const char *path, unsigned char *output ) { int ret; FILE *f; @@ -290,7 +478,7 @@ int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, unsigne mbedtls_md_context_t ctx; unsigned char buf[1024]; - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); if( ( f = fopen( path, "rb" ) ) == NULL ) @@ -301,17 +489,27 @@ int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, unsigne if( ( ret = mbedtls_md_setup( &ctx, md_info, 0 ) ) != 0 ) goto cleanup; - if( ( ret = md_info->starts_func( ctx.md_ctx ) ) != 0 ) + ret = mbedtls_md_info_starts( md_info, ctx.md_ctx ); + if( ret != 0 ) goto cleanup; while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 ) - if( ( ret = md_info->update_func( ctx.md_ctx, buf, n ) ) != 0 ) + { + ret = mbedtls_md_info_update( md_info, ctx.md_ctx, + buf, n ); + if( ret != 0 ) goto cleanup; + } if( ferror( f ) != 0 ) + { ret = MBEDTLS_ERR_MD_FILE_IO_ERROR; + } else - ret = md_info->finish_func( ctx.md_ctx, output ); + { + ret = mbedtls_md_info_finish( md_info, ctx.md_ctx, + output ); + } cleanup: mbedtls_platform_zeroize( buf, sizeof( buf ) ); @@ -329,27 +527,44 @@ int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, unsigned char *ipad, *opad; size_t i; - if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL ) + mbedtls_md_handle_t md_info; + + if( ctx == NULL ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - if( keylen > (size_t) ctx->md_info->block_size ) +#if !defined(MBEDTLS_MD_SINGLE_HASH) + if( ctx->hmac_ctx == NULL ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); +#endif /* !MBEDTLS_MD_SINGLE_HASH */ + + md_info = mbedtls_md_get_handle( ctx ); + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + + if( keylen > (size_t) mbedtls_md_info_block_size( md_info ) ) { - if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 ) - goto cleanup; - if( ( ret = ctx->md_info->update_func( ctx->md_ctx, key, keylen ) ) != 0 ) - goto cleanup; - if( ( ret = ctx->md_info->finish_func( ctx->md_ctx, sum ) ) != 0 ) + if( ( ret = mbedtls_md_info_starts( md_info, ctx->md_ctx ) ) != 0 ) goto cleanup; - keylen = ctx->md_info->size; + if( ( ret = mbedtls_md_info_update( md_info, ctx->md_ctx, + key, keylen ) ) != 0 ) + { + goto cleanup; + } + + if( ( ret = mbedtls_md_info_finish( md_info, ctx->md_ctx, sum ) ) != 0 ) + goto cleanup; + + keylen = mbedtls_md_info_size( md_info ); key = sum; } ipad = (unsigned char *) ctx->hmac_ctx; - opad = (unsigned char *) ctx->hmac_ctx + ctx->md_info->block_size; + opad = (unsigned char *) ctx->hmac_ctx + + mbedtls_md_info_block_size( md_info ); - memset( ipad, 0x36, ctx->md_info->block_size ); - memset( opad, 0x5C, ctx->md_info->block_size ); + memset( ipad, 0x36, mbedtls_md_info_block_size( md_info ) ); + memset( opad, 0x5C, mbedtls_md_info_block_size( md_info ) ); for( i = 0; i < keylen; i++ ) { @@ -357,11 +572,14 @@ int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, opad[i] = (unsigned char)( opad[i] ^ key[i] ); } - if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 ) + if( ( ret = mbedtls_md_info_starts( md_info, ctx->md_ctx ) ) != 0 ) goto cleanup; - if( ( ret = ctx->md_info->update_func( ctx->md_ctx, ipad, - ctx->md_info->block_size ) ) != 0 ) + + if( ( ret = mbedtls_md_info_update( md_info, ctx->md_ctx, ipad, + mbedtls_md_info_block_size( md_info ) ) ) != 0 ) + { goto cleanup; + } cleanup: mbedtls_platform_zeroize( sum, sizeof( sum ) ); @@ -369,12 +587,26 @@ cleanup: return( ret ); } -int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen ) +int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, + const unsigned char *input, size_t ilen ) { - if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL ) + mbedtls_md_handle_t md_info; + + if( ctx == NULL ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - return( ctx->md_info->update_func( ctx->md_ctx, input, ilen ) ); +#if !defined(MBEDTLS_MD_SINGLE_HASH) + if( ctx->hmac_ctx == NULL ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); +#endif /* !MBEDTLS_MD_SINGLE_HASH */ + + md_info = mbedtls_md_get_handle( ctx ); + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + + return( mbedtls_md_info_update( md_info, + ctx->md_ctx, input, + ilen ) ); } int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output ) @@ -383,22 +615,45 @@ int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output ) unsigned char tmp[MBEDTLS_MD_MAX_SIZE]; unsigned char *opad; - if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL ) + mbedtls_md_handle_t md_info; + + if( ctx == NULL ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - opad = (unsigned char *) ctx->hmac_ctx + ctx->md_info->block_size; +#if !defined(MBEDTLS_MD_SINGLE_HASH) + if( ctx->hmac_ctx == NULL ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); +#endif /* !MBEDTLS_MD_SINGLE_HASH */ - if( ( ret = ctx->md_info->finish_func( ctx->md_ctx, tmp ) ) != 0 ) + md_info = mbedtls_md_get_handle( ctx ); + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + + opad = (unsigned char *) ctx->hmac_ctx + + mbedtls_md_info_block_size( md_info ); + + if( ( ret = mbedtls_md_info_finish( md_info, ctx->md_ctx, tmp ) ) != 0 ) return( ret ); - if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 ) + + if( ( ret = mbedtls_md_info_starts( md_info, ctx->md_ctx ) ) != 0 ) return( ret ); - if( ( ret = ctx->md_info->update_func( ctx->md_ctx, opad, - ctx->md_info->block_size ) ) != 0 ) + + if( ( ret = mbedtls_md_info_update( md_info, ctx->md_ctx, opad, + mbedtls_md_info_block_size( md_info ) ) ) != 0 ) + { return( ret ); - if( ( ret = ctx->md_info->update_func( ctx->md_ctx, tmp, - ctx->md_info->size ) ) != 0 ) + } + + if( ( ret = mbedtls_md_info_update( md_info, ctx->md_ctx, tmp, + mbedtls_md_info_size( md_info ) ) ) != 0 ) + { return( ret ); - return( ctx->md_info->finish_func( ctx->md_ctx, output ) ); + } + + if( ( ret = mbedtls_md_info_finish( md_info, ctx->md_ctx, output ) ) != 0 ) + return( ret ); + + return( 0 ); } int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx ) @@ -406,18 +661,33 @@ int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx ) int ret; unsigned char *ipad; - if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL ) + mbedtls_md_handle_t md_info; + + if( ctx == NULL ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + +#if !defined(MBEDTLS_MD_SINGLE_HASH) + if( ctx->hmac_ctx == NULL ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); +#endif /* !MBEDTLS_MD_SINGLE_HASH */ + + md_info = mbedtls_md_get_handle( ctx ); + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); ipad = (unsigned char *) ctx->hmac_ctx; - if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 ) + ret = mbedtls_md_info_starts( md_info, ctx->md_ctx ); + if( ret != 0 ) return( ret ); - return( ctx->md_info->update_func( ctx->md_ctx, ipad, - ctx->md_info->block_size ) ); + + ret = mbedtls_md_info_update( md_info, + ctx->md_ctx, ipad, + mbedtls_md_info_block_size( md_info ) ); + return( ret ); } -int mbedtls_md_hmac( const mbedtls_md_info_t *md_info, +int mbedtls_md_hmac( mbedtls_md_handle_t md_info, const unsigned char *key, size_t keylen, const unsigned char *input, size_t ilen, unsigned char *output ) @@ -425,7 +695,7 @@ int mbedtls_md_hmac( const mbedtls_md_info_t *md_info, mbedtls_md_context_t ctx; int ret; - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); mbedtls_md_init( &ctx ); @@ -446,36 +716,35 @@ cleanup: return( ret ); } +#if !defined(MBEDTLS_MD_SINGLE_HASH) int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data ) { - if( ctx == NULL || ctx->md_info == NULL ) - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - - return( ctx->md_info->process_func( ctx->md_ctx, data ) ); + return( mbedtls_md_process_internal( ctx, data ) ); } +#endif /* !MBEDTLS_MD_SINGLE_HASH */ -unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info ) +unsigned char mbedtls_md_get_size( mbedtls_md_handle_t md_info ) { - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( 0 ); - return md_info->size; + return mbedtls_md_info_size( md_info ); } -mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info ) +mbedtls_md_type_t mbedtls_md_get_type( mbedtls_md_handle_t md_info ) { - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_MD_NONE ); - return md_info->type; + return mbedtls_md_info_type( md_info ); } -const char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info ) +const char *mbedtls_md_get_name( mbedtls_md_handle_t md_info ) { - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( NULL ); - return md_info->name; + return mbedtls_md_info_name( md_info ); } #endif /* MBEDTLS_MD_C */ diff --git a/library/md_wrap.c b/library/md_wrap.c deleted file mode 100644 index 0f8132fbf..000000000 --- a/library/md_wrap.c +++ /dev/null @@ -1,592 +0,0 @@ -/** - * \file md_wrap.c - * - * \brief Generic message digest wrapper for mbed TLS - * - * \author Adriaan de Jong - * - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#if defined(MBEDTLS_MD_C) - -#include "mbedtls/md_internal.h" - -#if defined(MBEDTLS_MD2_C) -#include "mbedtls/md2.h" -#endif - -#if defined(MBEDTLS_MD4_C) -#include "mbedtls/md4.h" -#endif - -#if defined(MBEDTLS_MD5_C) -#include "mbedtls/md5.h" -#endif - -#if defined(MBEDTLS_RIPEMD160_C) -#include "mbedtls/ripemd160.h" -#endif - -#if defined(MBEDTLS_SHA1_C) -#include "mbedtls/sha1.h" -#endif - -#if defined(MBEDTLS_SHA256_C) -#include "mbedtls/sha256.h" -#endif - -#if defined(MBEDTLS_SHA512_C) -#include "mbedtls/sha512.h" -#endif - -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#define mbedtls_calloc calloc -#define mbedtls_free free -#endif - -#if defined(MBEDTLS_MD2_C) - -static int md2_starts_wrap( void *ctx ) -{ - return( mbedtls_md2_starts_ret( (mbedtls_md2_context *) ctx ) ); -} - -static int md2_update_wrap( void *ctx, const unsigned char *input, - size_t ilen ) -{ - return( mbedtls_md2_update_ret( (mbedtls_md2_context *) ctx, input, ilen ) ); -} - -static int md2_finish_wrap( void *ctx, unsigned char *output ) -{ - return( mbedtls_md2_finish_ret( (mbedtls_md2_context *) ctx, output ) ); -} - -static void *md2_ctx_alloc( void ) -{ - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_md2_context ) ); - - if( ctx != NULL ) - mbedtls_md2_init( (mbedtls_md2_context *) ctx ); - - return( ctx ); -} - -static void md2_ctx_free( void *ctx ) -{ - mbedtls_md2_free( (mbedtls_md2_context *) ctx ); - mbedtls_free( ctx ); -} - -static void md2_clone_wrap( void *dst, const void *src ) -{ - mbedtls_md2_clone( (mbedtls_md2_context *) dst, - (const mbedtls_md2_context *) src ); -} - -static int md2_process_wrap( void *ctx, const unsigned char *data ) -{ - ((void) data); - - return( mbedtls_internal_md2_process( (mbedtls_md2_context *) ctx ) ); -} - -const mbedtls_md_info_t mbedtls_md2_info = { - MBEDTLS_MD_MD2, - "MD2", - 16, - 16, - md2_starts_wrap, - md2_update_wrap, - md2_finish_wrap, - mbedtls_md2_ret, - md2_ctx_alloc, - md2_ctx_free, - md2_clone_wrap, - md2_process_wrap, -}; - -#endif /* MBEDTLS_MD2_C */ - -#if defined(MBEDTLS_MD4_C) - -static int md4_starts_wrap( void *ctx ) -{ - return( mbedtls_md4_starts_ret( (mbedtls_md4_context *) ctx ) ); -} - -static int md4_update_wrap( void *ctx, const unsigned char *input, - size_t ilen ) -{ - return( mbedtls_md4_update_ret( (mbedtls_md4_context *) ctx, input, ilen ) ); -} - -static int md4_finish_wrap( void *ctx, unsigned char *output ) -{ - return( mbedtls_md4_finish_ret( (mbedtls_md4_context *) ctx, output ) ); -} - -static void *md4_ctx_alloc( void ) -{ - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_md4_context ) ); - - if( ctx != NULL ) - mbedtls_md4_init( (mbedtls_md4_context *) ctx ); - - return( ctx ); -} - -static void md4_ctx_free( void *ctx ) -{ - mbedtls_md4_free( (mbedtls_md4_context *) ctx ); - mbedtls_free( ctx ); -} - -static void md4_clone_wrap( void *dst, const void *src ) -{ - mbedtls_md4_clone( (mbedtls_md4_context *) dst, - (const mbedtls_md4_context *) src ); -} - -static int md4_process_wrap( void *ctx, const unsigned char *data ) -{ - return( mbedtls_internal_md4_process( (mbedtls_md4_context *) ctx, data ) ); -} - -const mbedtls_md_info_t mbedtls_md4_info = { - MBEDTLS_MD_MD4, - "MD4", - 16, - 64, - md4_starts_wrap, - md4_update_wrap, - md4_finish_wrap, - mbedtls_md4_ret, - md4_ctx_alloc, - md4_ctx_free, - md4_clone_wrap, - md4_process_wrap, -}; - -#endif /* MBEDTLS_MD4_C */ - -#if defined(MBEDTLS_MD5_C) - -static int md5_starts_wrap( void *ctx ) -{ - return( mbedtls_md5_starts_ret( (mbedtls_md5_context *) ctx ) ); -} - -static int md5_update_wrap( void *ctx, const unsigned char *input, - size_t ilen ) -{ - return( mbedtls_md5_update_ret( (mbedtls_md5_context *) ctx, input, ilen ) ); -} - -static int md5_finish_wrap( void *ctx, unsigned char *output ) -{ - return( mbedtls_md5_finish_ret( (mbedtls_md5_context *) ctx, output ) ); -} - -static void *md5_ctx_alloc( void ) -{ - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_md5_context ) ); - - if( ctx != NULL ) - mbedtls_md5_init( (mbedtls_md5_context *) ctx ); - - return( ctx ); -} - -static void md5_ctx_free( void *ctx ) -{ - mbedtls_md5_free( (mbedtls_md5_context *) ctx ); - mbedtls_free( ctx ); -} - -static void md5_clone_wrap( void *dst, const void *src ) -{ - mbedtls_md5_clone( (mbedtls_md5_context *) dst, - (const mbedtls_md5_context *) src ); -} - -static int md5_process_wrap( void *ctx, const unsigned char *data ) -{ - return( mbedtls_internal_md5_process( (mbedtls_md5_context *) ctx, data ) ); -} - -const mbedtls_md_info_t mbedtls_md5_info = { - MBEDTLS_MD_MD5, - "MD5", - 16, - 64, - md5_starts_wrap, - md5_update_wrap, - md5_finish_wrap, - mbedtls_md5_ret, - md5_ctx_alloc, - md5_ctx_free, - md5_clone_wrap, - md5_process_wrap, -}; - -#endif /* MBEDTLS_MD5_C */ - -#if defined(MBEDTLS_RIPEMD160_C) - -static int ripemd160_starts_wrap( void *ctx ) -{ - return( mbedtls_ripemd160_starts_ret( (mbedtls_ripemd160_context *) ctx ) ); -} - -static int ripemd160_update_wrap( void *ctx, const unsigned char *input, - size_t ilen ) -{ - return( mbedtls_ripemd160_update_ret( (mbedtls_ripemd160_context *) ctx, - input, ilen ) ); -} - -static int ripemd160_finish_wrap( void *ctx, unsigned char *output ) -{ - return( mbedtls_ripemd160_finish_ret( (mbedtls_ripemd160_context *) ctx, - output ) ); -} - -static void *ripemd160_ctx_alloc( void ) -{ - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ripemd160_context ) ); - - if( ctx != NULL ) - mbedtls_ripemd160_init( (mbedtls_ripemd160_context *) ctx ); - - return( ctx ); -} - -static void ripemd160_ctx_free( void *ctx ) -{ - mbedtls_ripemd160_free( (mbedtls_ripemd160_context *) ctx ); - mbedtls_free( ctx ); -} - -static void ripemd160_clone_wrap( void *dst, const void *src ) -{ - mbedtls_ripemd160_clone( (mbedtls_ripemd160_context *) dst, - (const mbedtls_ripemd160_context *) src ); -} - -static int ripemd160_process_wrap( void *ctx, const unsigned char *data ) -{ - return( mbedtls_internal_ripemd160_process( - (mbedtls_ripemd160_context *) ctx, data ) ); -} - -const mbedtls_md_info_t mbedtls_ripemd160_info = { - MBEDTLS_MD_RIPEMD160, - "RIPEMD160", - 20, - 64, - ripemd160_starts_wrap, - ripemd160_update_wrap, - ripemd160_finish_wrap, - mbedtls_ripemd160_ret, - ripemd160_ctx_alloc, - ripemd160_ctx_free, - ripemd160_clone_wrap, - ripemd160_process_wrap, -}; - -#endif /* MBEDTLS_RIPEMD160_C */ - -#if defined(MBEDTLS_SHA1_C) - -static int sha1_starts_wrap( void *ctx ) -{ - return( mbedtls_sha1_starts_ret( (mbedtls_sha1_context *) ctx ) ); -} - -static int sha1_update_wrap( void *ctx, const unsigned char *input, - size_t ilen ) -{ - return( mbedtls_sha1_update_ret( (mbedtls_sha1_context *) ctx, - input, ilen ) ); -} - -static int sha1_finish_wrap( void *ctx, unsigned char *output ) -{ - return( mbedtls_sha1_finish_ret( (mbedtls_sha1_context *) ctx, output ) ); -} - -static void *sha1_ctx_alloc( void ) -{ - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_sha1_context ) ); - - if( ctx != NULL ) - mbedtls_sha1_init( (mbedtls_sha1_context *) ctx ); - - return( ctx ); -} - -static void sha1_clone_wrap( void *dst, const void *src ) -{ - mbedtls_sha1_clone( (mbedtls_sha1_context *) dst, - (const mbedtls_sha1_context *) src ); -} - -static void sha1_ctx_free( void *ctx ) -{ - mbedtls_sha1_free( (mbedtls_sha1_context *) ctx ); - mbedtls_free( ctx ); -} - -static int sha1_process_wrap( void *ctx, const unsigned char *data ) -{ - return( mbedtls_internal_sha1_process( (mbedtls_sha1_context *) ctx, - data ) ); -} - -const mbedtls_md_info_t mbedtls_sha1_info = { - MBEDTLS_MD_SHA1, - "SHA1", - 20, - 64, - sha1_starts_wrap, - sha1_update_wrap, - sha1_finish_wrap, - mbedtls_sha1_ret, - sha1_ctx_alloc, - sha1_ctx_free, - sha1_clone_wrap, - sha1_process_wrap, -}; - -#endif /* MBEDTLS_SHA1_C */ - -/* - * Wrappers for generic message digests - */ -#if defined(MBEDTLS_SHA256_C) - -#if !defined(MBEDTLS_SHA256_NO_SHA224) -static int sha224_starts_wrap( void *ctx ) -{ - return( mbedtls_sha256_starts_ret( (mbedtls_sha256_context *) ctx, 1 ) ); -} -#endif /* !MBEDTLS_SHA256_NO_SHA224 */ - -static int sha224_update_wrap( void *ctx, const unsigned char *input, - size_t ilen ) -{ - return( mbedtls_sha256_update_ret( (mbedtls_sha256_context *) ctx, - input, ilen ) ); -} - -static int sha224_finish_wrap( void *ctx, unsigned char *output ) -{ - return( mbedtls_sha256_finish_ret( (mbedtls_sha256_context *) ctx, - output ) ); -} - -#if !defined(MBEDTLS_SHA256_NO_SHA224) -static int sha224_wrap( const unsigned char *input, size_t ilen, - unsigned char *output ) -{ - return( mbedtls_sha256_ret( input, ilen, output, 1 ) ); -} -#endif /* !MBEDTLS_SHA256_NO_SHA224 */ - -static void *sha224_ctx_alloc( void ) -{ - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_sha256_context ) ); - - if( ctx != NULL ) - mbedtls_sha256_init( (mbedtls_sha256_context *) ctx ); - - return( ctx ); -} - -static void sha224_ctx_free( void *ctx ) -{ - mbedtls_sha256_free( (mbedtls_sha256_context *) ctx ); - mbedtls_free( ctx ); -} - -static void sha224_clone_wrap( void *dst, const void *src ) -{ - mbedtls_sha256_clone( (mbedtls_sha256_context *) dst, - (const mbedtls_sha256_context *) src ); -} - -static int sha224_process_wrap( void *ctx, const unsigned char *data ) -{ - return( mbedtls_internal_sha256_process( (mbedtls_sha256_context *) ctx, - data ) ); -} - -#if !defined(MBEDTLS_SHA256_NO_SHA224) -const mbedtls_md_info_t mbedtls_sha224_info = { - MBEDTLS_MD_SHA224, - "SHA224", - 28, - 64, - sha224_starts_wrap, - sha224_update_wrap, - sha224_finish_wrap, - sha224_wrap, - sha224_ctx_alloc, - sha224_ctx_free, - sha224_clone_wrap, - sha224_process_wrap, -}; -#endif /* !MBEDTLS_SHA256_NO_SHA224 */ - -static int sha256_starts_wrap( void *ctx ) -{ - return( mbedtls_sha256_starts_ret( (mbedtls_sha256_context *) ctx, 0 ) ); -} - -static int sha256_wrap( const unsigned char *input, size_t ilen, - unsigned char *output ) -{ - return( mbedtls_sha256_ret( input, ilen, output, 0 ) ); -} - -const mbedtls_md_info_t mbedtls_sha256_info = { - MBEDTLS_MD_SHA256, - "SHA256", - 32, - 64, - sha256_starts_wrap, - sha224_update_wrap, - sha224_finish_wrap, - sha256_wrap, - sha224_ctx_alloc, - sha224_ctx_free, - sha224_clone_wrap, - sha224_process_wrap, -}; - -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA512_C) - -static int sha384_starts_wrap( void *ctx ) -{ - return( mbedtls_sha512_starts_ret( (mbedtls_sha512_context *) ctx, 1 ) ); -} - -static int sha384_update_wrap( void *ctx, const unsigned char *input, - size_t ilen ) -{ - return( mbedtls_sha512_update_ret( (mbedtls_sha512_context *) ctx, - input, ilen ) ); -} - -static int sha384_finish_wrap( void *ctx, unsigned char *output ) -{ - return( mbedtls_sha512_finish_ret( (mbedtls_sha512_context *) ctx, - output ) ); -} - -static int sha384_wrap( const unsigned char *input, size_t ilen, - unsigned char *output ) -{ - return( mbedtls_sha512_ret( input, ilen, output, 1 ) ); -} - -static void *sha384_ctx_alloc( void ) -{ - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_sha512_context ) ); - - if( ctx != NULL ) - mbedtls_sha512_init( (mbedtls_sha512_context *) ctx ); - - return( ctx ); -} - -static void sha384_ctx_free( void *ctx ) -{ - mbedtls_sha512_free( (mbedtls_sha512_context *) ctx ); - mbedtls_free( ctx ); -} - -static void sha384_clone_wrap( void *dst, const void *src ) -{ - mbedtls_sha512_clone( (mbedtls_sha512_context *) dst, - (const mbedtls_sha512_context *) src ); -} - -static int sha384_process_wrap( void *ctx, const unsigned char *data ) -{ - return( mbedtls_internal_sha512_process( (mbedtls_sha512_context *) ctx, - data ) ); -} - -const mbedtls_md_info_t mbedtls_sha384_info = { - MBEDTLS_MD_SHA384, - "SHA384", - 48, - 128, - sha384_starts_wrap, - sha384_update_wrap, - sha384_finish_wrap, - sha384_wrap, - sha384_ctx_alloc, - sha384_ctx_free, - sha384_clone_wrap, - sha384_process_wrap, -}; - -static int sha512_starts_wrap( void *ctx ) -{ - return( mbedtls_sha512_starts_ret( (mbedtls_sha512_context *) ctx, 0 ) ); -} - -static int sha512_wrap( const unsigned char *input, size_t ilen, - unsigned char *output ) -{ - return( mbedtls_sha512_ret( input, ilen, output, 0 ) ); -} - -const mbedtls_md_info_t mbedtls_sha512_info = { - MBEDTLS_MD_SHA512, - "SHA512", - 64, - 128, - sha512_starts_wrap, - sha384_update_wrap, - sha384_finish_wrap, - sha512_wrap, - sha384_ctx_alloc, - sha384_ctx_free, - sha384_clone_wrap, - sha384_process_wrap, -}; - -#endif /* MBEDTLS_SHA512_C */ - -#endif /* MBEDTLS_MD_C */ diff --git a/library/pk.c b/library/pk.c index 161a135f1..93c57642d 100644 --- a/library/pk.c +++ b/library/pk.c @@ -205,13 +205,16 @@ int mbedtls_pk_can_do( const mbedtls_pk_context *ctx, mbedtls_pk_type_t type ) */ static inline int pk_hashlen_helper( mbedtls_md_type_t md_alg, size_t *hash_len ) { - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; if( *hash_len != 0 ) return( 0 ); - if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == NULL ) + if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == + MBEDTLS_MD_INVALID_HANDLE ) + { return( -1 ); + } *hash_len = mbedtls_md_get_size( md_info ); return( 0 ); diff --git a/library/pkcs11.c b/library/pkcs11.c index 0ea64252e..9ef53533f 100644 --- a/library/pkcs11.c +++ b/library/pkcs11.c @@ -183,8 +183,8 @@ int mbedtls_pkcs11_sign( mbedtls_pkcs11_context *ctx, if( md_alg != MBEDTLS_MD_NONE ) { - const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg ); - if( md_info == NULL ) + mbedtls_md_handle_t md_info = mbedtls_md_info_from_type( md_alg ); + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); if( mbedtls_oid_get_oid_by_md( md_alg, &oid, &oid_size ) != 0 ) diff --git a/library/pkcs12.c b/library/pkcs12.c index 7edf064c1..e16d0a934 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c @@ -261,7 +261,7 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, size_t hlen, use_len, v, i; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_md_context_t md_ctx; // This version only allows max of 64 bytes of password or salt @@ -269,7 +269,7 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA ); md_info = mbedtls_md_info_from_type( md_type ); - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE ); mbedtls_md_init( &md_ctx ); diff --git a/library/pkcs5.c b/library/pkcs5.c index 50133435c..a517778a4 100644 --- a/library/pkcs5.c +++ b/library/pkcs5.c @@ -122,7 +122,7 @@ int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode, mbedtls_md_type_t md_type = MBEDTLS_MD_SHA1; unsigned char key[32], iv[32]; size_t olen = 0; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; const mbedtls_cipher_info_t *cipher_info; mbedtls_md_context_t md_ctx; mbedtls_cipher_type_t cipher_alg; @@ -157,7 +157,7 @@ int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode, } md_info = mbedtls_md_info_from_type( md_type ); - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE ); if( ( ret = mbedtls_asn1_get_alg( &p, end, &enc_scheme_oid, @@ -226,7 +226,7 @@ int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, const unsigned char *p unsigned int i; unsigned char md1[MBEDTLS_MD_MAX_SIZE]; unsigned char work[MBEDTLS_MD_MAX_SIZE]; - unsigned char md_size = mbedtls_md_get_size( ctx->md_info ); + unsigned char md_size = mbedtls_md_get_size( mbedtls_md_get_handle( ctx ) ); size_t use_len; unsigned char *out_p = output; unsigned char counter[4]; @@ -356,14 +356,14 @@ static const unsigned char result_key[MAX_TESTS][32] = int mbedtls_pkcs5_self_test( int verbose ) { mbedtls_md_context_t sha1_ctx; - const mbedtls_md_info_t *info_sha1; + mbedtls_md_handle_t info_sha1; int ret, i; unsigned char key[64]; mbedtls_md_init( &sha1_ctx ); info_sha1 = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ); - if( info_sha1 == NULL ) + if( info_sha1 == MBEDTLS_MD_INVALID_HANDLE ) { ret = 1; goto exit; diff --git a/library/rsa.c b/library/rsa.c index af1a87859..3bfc73ec5 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -1076,7 +1076,7 @@ static int mgf_mask( unsigned char *dst, size_t dlen, unsigned char *src, memset( mask, 0, MBEDTLS_MD_MAX_SIZE ); memset( counter, 0, 4 ); - hlen = mbedtls_md_get_size( md_ctx->md_info ); + hlen = mbedtls_md_get_size( mbedtls_md_get_handle( md_ctx ) ); /* Generate and apply dbMask */ p = dst; @@ -1128,7 +1128,7 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx, int ret; unsigned char *p = output; unsigned int hlen; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_md_context_t md_ctx; RSA_VALIDATE_RET( ctx != NULL ); @@ -1145,7 +1145,7 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx, return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); md_info = mbedtls_md_info_from_type( (mbedtls_md_type_t) ctx->hash_id ); - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); olen = ctx->len; @@ -1326,7 +1326,7 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx, unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; unsigned char lhash[MBEDTLS_MD_MAX_SIZE]; unsigned int hlen; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_md_context_t md_ctx; RSA_VALIDATE_RET( ctx != NULL ); @@ -1349,7 +1349,7 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx, return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); md_info = mbedtls_md_info_from_type( (mbedtls_md_type_t) ctx->hash_id ); - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); hlen = mbedtls_md_get_size( md_info ); @@ -1767,7 +1767,7 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, size_t slen, min_slen, hlen, offset = 0; int ret; size_t msb; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_md_context_t md_ctx; RSA_VALIDATE_RET( ctx != NULL ); RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || @@ -1789,14 +1789,14 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, { /* Gather length of hash to sign */ md_info = mbedtls_md_info_from_type( md_alg ); - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); hashlen = mbedtls_md_get_size( md_info ); } md_info = mbedtls_md_info_from_type( (mbedtls_md_type_t) ctx->hash_id ); - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); hlen = mbedtls_md_get_size( md_info ); @@ -1910,8 +1910,8 @@ static int rsa_rsassa_pkcs1_v15_encode( mbedtls_md_type_t md_alg, /* Are we signing hashed or raw data? */ if( md_alg != MBEDTLS_MD_NONE ) { - const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg ); - if( md_info == NULL ) + mbedtls_md_handle_t md_info = mbedtls_md_info_from_type( md_alg ); + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); if( mbedtls_oid_get_oid_by_md( md_alg, &oid, &oid_size ) != 0 ) @@ -2150,7 +2150,7 @@ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx, unsigned char zeros[8]; unsigned int hlen; size_t observed_salt_len, msb; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_md_context_t md_ctx; unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; @@ -2186,14 +2186,14 @@ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx, { /* Gather length of hash to sign */ md_info = mbedtls_md_info_from_type( md_alg ); - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); hashlen = mbedtls_md_get_size( md_info ); } md_info = mbedtls_md_info_from_type( mgf1_hash_id ); - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); hlen = mbedtls_md_get_size( md_info ); diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 56e068906..e9f66346c 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -660,7 +660,7 @@ MBEDTLS_NO_INLINE static int tls1_prf( const unsigned char *secret, size_t slen, const unsigned char *S1, *S2; unsigned char tmp[128]; unsigned char h_i[20]; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_md_context_t md_ctx; int ret; @@ -681,8 +681,11 @@ MBEDTLS_NO_INLINE static int tls1_prf( const unsigned char *secret, size_t slen, /* * First compute P_md5(secret,label+random)[0..dlen] */ - if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_MD5 ) ) == NULL ) + if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_MD5 ) ) == + MBEDTLS_MD_INVALID_HANDLE ) + { return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 ) return( ret ); @@ -712,8 +715,11 @@ MBEDTLS_NO_INLINE static int tls1_prf( const unsigned char *secret, size_t slen, /* * XOR out with P_sha1(secret,label+random)[0..dlen] */ - if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ) ) == NULL ) + if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ) ) == + MBEDTLS_MD_INVALID_HANDLE ) + { return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 ) return( ret ); @@ -763,14 +769,17 @@ int tls_prf_generic( mbedtls_md_type_t md_type, size_t i, j, k, md_len; unsigned char tmp[128]; unsigned char h_i[MBEDTLS_MD_MAX_SIZE]; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_md_context_t md_ctx; int ret; mbedtls_md_init( &md_ctx ); - if( ( md_info = mbedtls_md_info_from_type( md_type ) ) == NULL ) + if( ( md_info = mbedtls_md_info_from_type( md_type ) ) == + MBEDTLS_MD_INVALID_HANDLE ) + { return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } md_len = mbedtls_md_get_size( md_info ); @@ -1244,7 +1253,7 @@ int ssl_populate_transform( mbedtls_ssl_transform *transform, unsigned keylen; mbedtls_ssl_ciphersuite_handle_t ciphersuite_info; const mbedtls_cipher_info_t *cipher_info; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; #if !defined(MBEDTLS_SSL_HW_RECORD_ACCEL) && \ !defined(MBEDTLS_SSL_EXPORT_KEYS) && \ @@ -1293,7 +1302,7 @@ int ssl_populate_transform( mbedtls_ssl_transform *transform, md_info = mbedtls_md_info_from_type( mbedtls_ssl_suite_get_mac( ciphersuite_info ) ); - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_md info for %d not found", mbedtls_ssl_suite_get_mac( ciphersuite_info ) ) ); @@ -3376,7 +3385,8 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, memset( tmp, 0, sizeof( tmp ) ); - switch( mbedtls_md_get_type( transform->md_ctx_dec.md_info ) ) + switch( mbedtls_md_get_type( + mbedtls_md_get_handle( &transform->md_ctx_dec ) ) ) { #if defined(MBEDTLS_MD5_C) || defined(MBEDTLS_SHA1_C) || \ defined(MBEDTLS_SHA256_C) @@ -6899,13 +6909,16 @@ static int ssl_check_peer_crt_unchanged( mbedtls_ssl_context *ssl, ssl->session->peer_cert_digest; mbedtls_md_type_t const peer_cert_digest_type = ssl->session->peer_cert_digest_type; - mbedtls_md_info_t const * const digest_info = + mbedtls_md_handle_t digest_info = mbedtls_md_info_from_type( peer_cert_digest_type ); unsigned char tmp_digest[MBEDTLS_SSL_PEER_CERT_DIGEST_MAX_LEN]; size_t digest_len; - if( peer_cert_digest == NULL || digest_info == NULL ) + if( peer_cert_digest == NULL || + digest_info == MBEDTLS_MD_INVALID_HANDLE ) + { return( -1 ); + } digest_len = mbedtls_md_get_size( digest_info ); if( digest_len > MBEDTLS_SSL_PEER_CERT_DIGEST_MAX_LEN ) @@ -10133,9 +10146,9 @@ static int ssl_session_load( mbedtls_ssl_session *session, if( session->peer_cert_digest_len != 0 ) { - const mbedtls_md_info_t *md_info = + mbedtls_md_handle_t md_info = mbedtls_md_info_from_type( session->peer_cert_digest_type ); - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); if( session->peer_cert_digest_len != mbedtls_md_get_size( md_info ) ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); @@ -12515,7 +12528,7 @@ int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl, { int ret = 0; mbedtls_md_context_t ctx; - const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg ); + mbedtls_md_handle_t md_info = mbedtls_md_info_from_type( md_alg ); *hashlen = mbedtls_md_get_size( md_info ); mbedtls_md_init( &ctx ); diff --git a/library/x509.c b/library/x509.c index beb263327..d570f71ea 100644 --- a/library/x509.c +++ b/library/x509.c @@ -1065,7 +1065,7 @@ int mbedtls_x509_sig_alg_gets( char *buf, size_t size, mbedtls_pk_type_t pk_alg, if( pk_alg == MBEDTLS_PK_RSASSA_PSS ) { const mbedtls_pk_rsassa_pss_options *pss_opts; - const mbedtls_md_info_t *md_info, *mgf_md_info; + mbedtls_md_handle_t md_info, mgf_md_info; pss_opts = (const mbedtls_pk_rsassa_pss_options *) sig_opts; diff --git a/library/x509_crt.c b/library/x509_crt.c index 0676e6481..dfd911123 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -2071,7 +2071,7 @@ static void x509_crt_free_sig_info( mbedtls_x509_crt_sig_info *info ) static int x509_crt_get_sig_info( mbedtls_x509_crt_frame const *frame, mbedtls_x509_crt_sig_info *info ) { - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; md_info = mbedtls_md_info_from_type( frame->sig_md ); if( mbedtls_md( md_info, frame->tbs.p, frame->tbs.len, @@ -2688,7 +2688,7 @@ static int x509_crt_verifycrl( unsigned char *crt_serial, int ret; int flags = 0; unsigned char hash[MBEDTLS_MD_MAX_SIZE]; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_x509_buf_raw ca_subject; mbedtls_pk_context *pk; int can_sign; diff --git a/programs/aes/crypt_and_hash.c b/programs/aes/crypt_and_hash.c index a5acf5b8b..8d671abf2 100644 --- a/programs/aes/crypt_and_hash.c +++ b/programs/aes/crypt_and_hash.c @@ -100,7 +100,7 @@ int main( int argc, char *argv[] ) unsigned char diff; const mbedtls_cipher_info_t *cipher_info; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_cipher_context_t cipher_ctx; mbedtls_md_context_t md_ctx; #if defined(_WIN32_WCE) @@ -192,7 +192,7 @@ int main( int argc, char *argv[] ) } md_info = mbedtls_md_info_from_string( argv[5] ); - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) { mbedtls_fprintf( stderr, "Message Digest '%s' not found\n", argv[5] ); goto exit; diff --git a/programs/hash/generic_sum.c b/programs/hash/generic_sum.c index 709a149e0..ed5357f08 100644 --- a/programs/hash/generic_sum.c +++ b/programs/hash/generic_sum.c @@ -53,7 +53,7 @@ int main( void ) #else -static int generic_wrapper( const mbedtls_md_info_t *md_info, char *filename, unsigned char *sum ) +static int generic_wrapper( mbedtls_md_handle_t md_info, char *filename, unsigned char *sum ) { int ret = mbedtls_md_file( md_info, filename, sum ); @@ -66,7 +66,7 @@ static int generic_wrapper( const mbedtls_md_info_t *md_info, char *filename, un return( ret ); } -static int generic_print( const mbedtls_md_info_t *md_info, char *filename ) +static int generic_print( mbedtls_md_handle_t md_info, char *filename ) { int i; unsigned char sum[MBEDTLS_MD_MAX_SIZE]; @@ -81,7 +81,7 @@ static int generic_print( const mbedtls_md_info_t *md_info, char *filename ) return( 0 ); } -static int generic_check( const mbedtls_md_info_t *md_info, char *filename ) +static int generic_check( mbedtls_md_handle_t md_info, char *filename ) { int i; size_t n; @@ -177,7 +177,7 @@ int main( int argc, char *argv[] ) { int ret = 1, i; int exit_code = MBEDTLS_EXIT_FAILURE; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_md_context_t md_ctx; mbedtls_md_init( &md_ctx ); @@ -210,7 +210,7 @@ int main( int argc, char *argv[] ) * Read the MD from the command line */ md_info = mbedtls_md_info_from_string( argv[1] ); - if( md_info == NULL ) + if( md_info == MBEDTLS_MD_INVALID_HANDLE ) { mbedtls_fprintf( stderr, "Message Digest '%s' not found\n", argv[1] ); return( exit_code ); diff --git a/programs/ssl/query_config.c b/programs/ssl/query_config.c index c2de82a73..71a212d0c 100644 --- a/programs/ssl/query_config.c +++ b/programs/ssl/query_config.c @@ -2914,6 +2914,14 @@ int query_config( const char *config ) } #endif /* MBEDTLS_SSL_CONF_SINGLE_SIG_HASH_TLS_ID */ +#if defined(MBEDTLS_MD_SINGLE_HASH) + if( strcmp( "MBEDTLS_MD_SINGLE_HASH", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_MD_SINGLE_HASH ); + return( 0 ); + } +#endif /* MBEDTLS_MD_SINGLE_HASH */ + /* If the symbol is not found, return an error */ return( 1 ); } diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index 2b8656692..88e3290d0 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -693,13 +693,16 @@ int main( int argc, char *argv[] ) if( todo.hmac_drbg ) { mbedtls_hmac_drbg_context hmac_drbg; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_hmac_drbg_init( &hmac_drbg ); #if defined(MBEDTLS_SHA1_C) - if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ) ) == NULL ) + if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ) ) == + MBEDTLS_MD_INVALID_HANDLE ) + { mbedtls_exit(1); + } if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 ) mbedtls_exit(1); @@ -715,8 +718,11 @@ int main( int argc, char *argv[] ) #endif #if defined(MBEDTLS_SHA256_C) - if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ) ) == NULL ) + if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ) ) == + MBEDTLS_MD_INVALID_HANDLE ) + { mbedtls_exit(1); + } if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 ) mbedtls_exit(1); diff --git a/programs/test/cpp_dummy_build.cpp b/programs/test/cpp_dummy_build.cpp index 3c9c2786f..dcbd5ff4a 100644 --- a/programs/test/cpp_dummy_build.cpp +++ b/programs/test/cpp_dummy_build.cpp @@ -66,7 +66,6 @@ #include "mbedtls/md2.h" #include "mbedtls/md4.h" #include "mbedtls/md5.h" -#include "mbedtls/md_internal.h" #include "mbedtls/net.h" #include "mbedtls/net_sockets.h" #include "mbedtls/nist_kw.h" diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index ff0019bbf..977ee9cac 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -904,6 +904,34 @@ component_test_hardcoded_elliptic_curve_cmake_clang() { if_build_succeeded tests/ssl-opt.sh -f '^Default$\|^Default, DTLS$' } +component_test_hardcoded_hash_cmake_clang() { + msg "build: cmake, full config + MBEDTLS_MD_SINGLE_HASH, clang" # ~ 50s + scripts/config.pl full + scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests + scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C + scripts/config.pl unset MBEDTLS_SHA1_C + scripts/config.pl unset MBEDTLS_SHA512_C + scripts/config.pl set MBEDTLS_SHA256_NO_SHA224 + scripts/config.pl unset MBEDTLS_MD2_C + scripts/config.pl unset MBEDTLS_MD4_C + scripts/config.pl unset MBEDTLS_MD5_C + scripts/config.pl unset MBEDTLS_RIPEMD160_C + scripts/config.pl unset MBEDTLS_SSL_PROTO_SSL3 + scripts/config.pl unset MBEDTLS_SSL_PROTO_TLS1 + scripts/config.pl unset MBEDTLS_SSL_PROTO_TLS1_1 + scripts/config.pl unset MBEDTLS_SSL_CBC_RECORD_SPLITTING + scripts/config.pl set MBEDTLS_MD_SINGLE_HASH MBEDTLS_MD_INFO_SHA256 + + CC=clang cmake -D CMAKE_BUILD_TYPE:String=Check -D ENABLE_TESTING=On . + make + + msg "test: main suites (full config + MBEDTLS_MD_SINGLE_HASH)" # ~ 5s + make test + + msg "test: ssl-opt.sh default (full config + MBEDTLS_MD_SINGLE_HASH)" # ~ 5s + if_build_succeeded tests/ssl-opt.sh -f '^Default$\|^Default, DTLS$' +} + component_build_deprecated () { msg "build: make, full config + DEPRECATED_WARNING, gcc -O" # ~ 30s scripts/config.pl full diff --git a/tests/suites/test_suite_ecdsa.function b/tests/suites/test_suite_ecdsa.function index 22d92b6df..fa77dfad3 100644 --- a/tests/suites/test_suite_ecdsa.function +++ b/tests/suites/test_suite_ecdsa.function @@ -307,7 +307,7 @@ void ecdsa_det_test_vectors( int id, char * d_str, int md_alg, char * msg, mbedtls_mpi d, r, s, r_check, s_check; unsigned char hash[MBEDTLS_MD_MAX_SIZE]; size_t hlen; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_ecp_group_init( &grp ); mbedtls_mpi_init( &d ); mbedtls_mpi_init( &r ); mbedtls_mpi_init( &s ); @@ -320,7 +320,7 @@ void ecdsa_det_test_vectors( int id, char * d_str, int md_alg, char * msg, TEST_ASSERT( mbedtls_mpi_read_string( &s_check, 16, s_str ) == 0 ); md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); hlen = mbedtls_md_get_size( md_info ); TEST_ASSERT( mbedtls_md( md_info, (const unsigned char *) msg, strlen( msg ), hash ) == 0 ); @@ -476,7 +476,7 @@ void ecdsa_write_restart( int id, char *d_str, int md_alg, unsigned char sig[MBEDTLS_ECDSA_MAX_LEN]; unsigned char sig_check[MBEDTLS_ECDSA_MAX_LEN]; size_t hlen, slen, slen_check; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_ecdsa_restart_init( &rs_ctx ); mbedtls_ecdsa_init( &ctx ); @@ -489,7 +489,7 @@ void ecdsa_write_restart( int id, char *d_str, int md_alg, slen_check = unhexify( sig_check, sig_str ); md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); hlen = mbedtls_md_get_size( md_info ); mbedtls_md( md_info, (const unsigned char *) msg, strlen( msg ), hash ); diff --git a/tests/suites/test_suite_hkdf.function b/tests/suites/test_suite_hkdf.function index 3e8720734..77f0d5d54 100644 --- a/tests/suites/test_suite_hkdf.function +++ b/tests/suites/test_suite_hkdf.function @@ -1,6 +1,5 @@ /* BEGIN_HEADER */ #include "mbedtls/hkdf.h" -#include "mbedtls/md_internal.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -25,8 +24,8 @@ void test_hkdf( int md_alg, char *hex_ikm_string, char *hex_salt_string, */ unsigned char okm_hex[257] = { '\0' }; - const mbedtls_md_info_t *md = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md != NULL ); + mbedtls_md_handle_t md = mbedtls_md_info_from_type( md_alg ); + TEST_ASSERT( md != MBEDTLS_MD_INVALID_HANDLE ); ikm_len = unhexify( ikm, hex_ikm_string ); salt_len = unhexify( salt, hex_salt_string ); @@ -54,8 +53,8 @@ void test_hkdf_extract( int md_alg, char *hex_ikm_string, unsigned char *output_prk = NULL; size_t ikm_len, salt_len, prk_len, output_prk_len; - const mbedtls_md_info_t *md = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md != NULL ); + mbedtls_md_handle_t md = mbedtls_md_info_from_type( md_alg ); + TEST_ASSERT( md != MBEDTLS_MD_INVALID_HANDLE ); output_prk_len = mbedtls_md_get_size( md ); output_prk = mbedtls_calloc( 1, output_prk_len ); @@ -90,8 +89,8 @@ void test_hkdf_expand( int md_alg, char *hex_info_string, unsigned char *output_okm = NULL; size_t info_len, prk_len, okm_len; - const mbedtls_md_info_t *md = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md != NULL ); + mbedtls_md_handle_t md = mbedtls_md_info_from_type( md_alg ); + TEST_ASSERT( md != MBEDTLS_MD_INVALID_HANDLE ); output_okm = mbedtls_calloc( OKM_LEN, 1 ); @@ -114,7 +113,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ +/* BEGIN_CASE depends_on:!MBEDTLS_MD_SINGLE_HASH */ void test_hkdf_extract_ret( int hash_len, int ret ) { int output_ret; @@ -141,7 +140,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ +/* BEGIN_CASE depends_on:!MBEDTLS_MD_SINGLE_HASH */ void test_hkdf_expand_ret( int hash_len, int prk_len, int okm_len, int ret ) { int output_ret; diff --git a/tests/suites/test_suite_hmac_drbg.function b/tests/suites/test_suite_hmac_drbg.function index 13bc40062..da280dbd9 100644 --- a/tests/suites/test_suite_hmac_drbg.function +++ b/tests/suites/test_suite_hmac_drbg.function @@ -34,7 +34,7 @@ void hmac_drbg_entropy_usage( int md_alg ) { unsigned char out[16]; unsigned char buf[1024]; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_hmac_drbg_context ctx; entropy_ctx entropy; size_t last_len, i, reps = 10; @@ -47,7 +47,7 @@ void hmac_drbg_entropy_usage( int md_alg ) entropy.p = buf; md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); /* Init must use entropy */ last_len = entropy.len; @@ -112,13 +112,13 @@ exit: /* BEGIN_CASE depends_on:MBEDTLS_FS_IO */ void hmac_drbg_seed_file( int md_alg, char * path, int ret ) { - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_hmac_drbg_context ctx; mbedtls_hmac_drbg_init( &ctx ); md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, rnd_std_rand, NULL, NULL, 0 ) == 0 ); @@ -136,7 +136,7 @@ void hmac_drbg_buf( int md_alg ) { unsigned char out[16]; unsigned char buf[100]; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_hmac_drbg_context ctx; size_t i; @@ -145,7 +145,7 @@ void hmac_drbg_buf( int md_alg ) memset( out, 0, sizeof( out ) ); md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); TEST_ASSERT( mbedtls_hmac_drbg_seed_buf( &ctx, md_info, buf, sizeof( buf ) ) == 0 ); /* Make sure it never tries to reseed (would segfault otherwise) */ @@ -168,7 +168,7 @@ void hmac_drbg_no_reseed( int md_alg, data_t * entropy, unsigned char data[1024]; unsigned char my_output[512]; entropy_ctx p_entropy; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_hmac_drbg_context ctx; mbedtls_hmac_drbg_init( &ctx ); @@ -177,7 +177,7 @@ void hmac_drbg_no_reseed( int md_alg, data_t * entropy, p_entropy.len = entropy->len; md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); /* Test the simplified buffer-based variant */ memcpy( data, entropy->x, p_entropy.len ); @@ -215,7 +215,7 @@ void hmac_drbg_nopr( int md_alg, data_t * entropy, data_t * custom, { unsigned char my_output[512]; entropy_ctx p_entropy; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_hmac_drbg_context ctx; mbedtls_hmac_drbg_init( &ctx ); @@ -224,7 +224,7 @@ void hmac_drbg_nopr( int md_alg, data_t * entropy, data_t * custom, p_entropy.len = entropy->len; md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, mbedtls_test_entropy_func, &p_entropy, custom->x, custom->len ) == 0 ); @@ -247,7 +247,7 @@ void hmac_drbg_pr( int md_alg, data_t * entropy, data_t * custom, { unsigned char my_output[512]; entropy_ctx p_entropy; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_hmac_drbg_context ctx; mbedtls_hmac_drbg_init( &ctx ); @@ -256,7 +256,7 @@ void hmac_drbg_pr( int md_alg, data_t * entropy, data_t * custom, p_entropy.len = entropy->len; md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, mbedtls_test_entropy_func, &p_entropy, custom->x, custom->len ) == 0 ); diff --git a/tests/suites/test_suite_md.function b/tests/suites/test_suite_md.function index 11cf88ae7..31d5aaf17 100644 --- a/tests/suites/test_suite_md.function +++ b/tests/suites/test_suite_md.function @@ -11,7 +11,7 @@ void mbedtls_md_process( ) { const int *md_type_ptr; - const mbedtls_md_info_t *info; + mbedtls_md_handle_t info; mbedtls_md_context_t ctx; unsigned char buf[150]; @@ -28,7 +28,7 @@ void mbedtls_md_process( ) for( md_type_ptr = mbedtls_md_list(); *md_type_ptr != 0; md_type_ptr++ ) { info = mbedtls_md_info_from_type( *md_type_ptr ); - TEST_ASSERT( info != NULL ); + TEST_ASSERT( info != MBEDTLS_MD_INVALID_HANDLE ); TEST_ASSERT( mbedtls_md_setup( &ctx, info, 0 ) == 0 ); TEST_ASSERT( mbedtls_md_process( &ctx, buf ) == 0 ); mbedtls_md_free( &ctx ); @@ -39,22 +39,26 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ +/* BEGIN_CASE depends_on:!MBEDTLS_MD_SINGLE_HASH */ void md_null_args( ) { mbedtls_md_context_t ctx; - const mbedtls_md_info_t *info = mbedtls_md_info_from_type( *( mbedtls_md_list() ) ); + mbedtls_md_handle_t info = mbedtls_md_info_from_type( *( mbedtls_md_list() ) ); unsigned char buf[1] = { 0 }; mbedtls_md_init( &ctx ); - TEST_ASSERT( mbedtls_md_get_size( NULL ) == 0 ); - TEST_ASSERT( mbedtls_md_get_type( NULL ) == MBEDTLS_MD_NONE ); - TEST_ASSERT( mbedtls_md_get_name( NULL ) == NULL ); + TEST_ASSERT( mbedtls_md_get_size( MBEDTLS_MD_INVALID_HANDLE ) + == 0 ); + TEST_ASSERT( mbedtls_md_get_type( MBEDTLS_MD_INVALID_HANDLE ) + == MBEDTLS_MD_NONE ); + TEST_ASSERT( mbedtls_md_get_name( MBEDTLS_MD_INVALID_HANDLE ) + == NULL ); - TEST_ASSERT( mbedtls_md_info_from_string( NULL ) == NULL ); + TEST_ASSERT( mbedtls_md_info_from_string( NULL ) == MBEDTLS_MD_INVALID_HANDLE ); - TEST_ASSERT( mbedtls_md_setup( &ctx, NULL, 0 ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + TEST_ASSERT( mbedtls_md_setup( &ctx, MBEDTLS_MD_INVALID_HANDLE, 0 ) + == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); TEST_ASSERT( mbedtls_md_setup( NULL, info, 0 ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); TEST_ASSERT( mbedtls_md_starts( NULL ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); @@ -66,10 +70,12 @@ void md_null_args( ) TEST_ASSERT( mbedtls_md_finish( NULL, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); TEST_ASSERT( mbedtls_md_finish( &ctx, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - TEST_ASSERT( mbedtls_md( NULL, buf, 1, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + TEST_ASSERT( mbedtls_md( MBEDTLS_MD_INVALID_HANDLE, + buf, 1, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); #if defined(MBEDTLS_FS_IO) - TEST_ASSERT( mbedtls_md_file( NULL, "", buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + TEST_ASSERT( mbedtls_md_file( MBEDTLS_MD_INVALID_HANDLE, + "", buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); #endif TEST_ASSERT( mbedtls_md_hmac_starts( NULL, buf, 1 ) @@ -90,27 +96,29 @@ void md_null_args( ) TEST_ASSERT( mbedtls_md_hmac_reset( NULL ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); TEST_ASSERT( mbedtls_md_hmac_reset( &ctx ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - TEST_ASSERT( mbedtls_md_hmac( NULL, buf, 1, buf, 1, buf ) + TEST_ASSERT( mbedtls_md_hmac( MBEDTLS_MD_INVALID_HANDLE, buf, 1, buf, 1, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); TEST_ASSERT( mbedtls_md_process( NULL, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); TEST_ASSERT( mbedtls_md_process( &ctx, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); /* Ok, this is not NULL arg but NULL return... */ - TEST_ASSERT( mbedtls_md_info_from_type( MBEDTLS_MD_NONE ) == NULL ); - TEST_ASSERT( mbedtls_md_info_from_string( "no such md" ) == NULL ); + TEST_ASSERT( mbedtls_md_info_from_type( MBEDTLS_MD_NONE ) == + MBEDTLS_MD_INVALID_HANDLE ); + TEST_ASSERT( mbedtls_md_info_from_string( "no such md" ) == + MBEDTLS_MD_INVALID_HANDLE ); } /* END_CASE */ /* BEGIN_CASE */ void md_info( int md_type, char * md_name, int md_size ) { - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; const int *md_type_ptr; int found; md_info = mbedtls_md_info_from_type( md_type ); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); TEST_ASSERT( md_info == mbedtls_md_info_from_string( md_name ) ); TEST_ASSERT( mbedtls_md_get_type( md_info ) == (mbedtls_md_type_t) md_type ); @@ -132,7 +140,7 @@ void md_text( char * text_md_name, char * text_src_string, char md_name[100]; unsigned char src_str[1000]; unsigned char output[100]; - const mbedtls_md_info_t *md_info = NULL; + mbedtls_md_handle_t md_info = MBEDTLS_MD_INVALID_HANDLE; memset( md_name, 0x00, 100 ); memset( src_str, 0x00, 1000 ); @@ -141,7 +149,7 @@ void md_text( char * text_md_name, char * text_src_string, strncpy( (char *) src_str, text_src_string, sizeof( src_str ) - 1 ); strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 ); md_info = mbedtls_md_info_from_string(md_name); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); TEST_ASSERT ( 0 == mbedtls_md( md_info, src_str, strlen( (char *) src_str ), output ) ); @@ -155,14 +163,14 @@ void md_hex( char * text_md_name, data_t * src_str, { char md_name[100]; unsigned char output[100]; - const mbedtls_md_info_t *md_info = NULL; + mbedtls_md_handle_t md_info = MBEDTLS_MD_INVALID_HANDLE; memset( md_name, 0x00, 100 ); memset( output, 0x00, 100 ); strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 ); md_info = mbedtls_md_info_from_string( md_name ); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); TEST_ASSERT ( 0 == mbedtls_md( md_info, src_str->x, src_str->len, output ) ); @@ -181,7 +189,7 @@ void md_text_multi( char * text_md_name, char * text_src_string, unsigned char output[100]; int halfway, len; - const mbedtls_md_info_t *md_info = NULL; + mbedtls_md_handle_t md_info = MBEDTLS_MD_INVALID_HANDLE; mbedtls_md_context_t ctx, ctx_copy; mbedtls_md_init( &ctx ); @@ -197,7 +205,7 @@ void md_text_multi( char * text_md_name, char * text_src_string, halfway = len / 2; md_info = mbedtls_md_info_from_string(md_name); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); TEST_ASSERT ( 0 == mbedtls_md_setup( &ctx, md_info, 0 ) ); TEST_ASSERT ( 0 == mbedtls_md_setup( &ctx_copy, md_info, 0 ) ); @@ -230,7 +238,7 @@ void md_hex_multi( char * text_md_name, data_t * src_str, { char md_name[100]; unsigned char output[100]; - const mbedtls_md_info_t *md_info = NULL; + mbedtls_md_handle_t md_info = MBEDTLS_MD_INVALID_HANDLE; mbedtls_md_context_t ctx, ctx_copy; int halfway; @@ -242,7 +250,7 @@ void md_hex_multi( char * text_md_name, data_t * src_str, strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 ); md_info = mbedtls_md_info_from_string(md_name); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); TEST_ASSERT ( 0 == mbedtls_md_setup( &ctx, md_info, 0 ) ); TEST_ASSERT ( 0 == mbedtls_md_setup( &ctx_copy, md_info, 0 ) ); @@ -277,14 +285,14 @@ void mbedtls_md_hmac( char * text_md_name, int trunc_size, { char md_name[100]; unsigned char output[100]; - const mbedtls_md_info_t *md_info = NULL; + mbedtls_md_handle_t md_info = MBEDTLS_MD_INVALID_HANDLE; memset( md_name, 0x00, 100 ); memset( output, 0x00, 100 ); strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 ); md_info = mbedtls_md_info_from_string( md_name ); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); TEST_ASSERT ( mbedtls_md_hmac( md_info, key_str->x, key_str->len, src_str->x, src_str->len, output ) == 0 ); @@ -299,7 +307,7 @@ void md_hmac_multi( char * text_md_name, int trunc_size, data_t * key_str, { char md_name[100]; unsigned char output[100]; - const mbedtls_md_info_t *md_info = NULL; + mbedtls_md_handle_t md_info = MBEDTLS_MD_INVALID_HANDLE; mbedtls_md_context_t ctx; int halfway; @@ -310,7 +318,7 @@ void md_hmac_multi( char * text_md_name, int trunc_size, data_t * key_str, strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 ); md_info = mbedtls_md_info_from_string( md_name ); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); TEST_ASSERT ( 0 == mbedtls_md_setup( &ctx, md_info, 1 ) ); halfway = src_str->len / 2; @@ -344,14 +352,14 @@ void mbedtls_md_file( char * text_md_name, char * filename, { char md_name[100]; unsigned char output[100]; - const mbedtls_md_info_t *md_info = NULL; + mbedtls_md_handle_t md_info = MBEDTLS_MD_INVALID_HANDLE; memset( md_name, 0x00, 100 ); memset( output, 0x00, 100 ); strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 ); md_info = mbedtls_md_info_from_string( md_name ); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); TEST_ASSERT( mbedtls_md_file( md_info, filename, output ) == 0 ); diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 8b95baba9..fc917d003 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -593,7 +593,7 @@ void pk_rsa_verify_test_vec( data_t * message_str, int digest, int mod, TEST_ASSERT( mbedtls_mpi_read_string( &rsa->E, radix_E, input_E ) == 0 ); - if( mbedtls_md_info_from_type( digest ) != NULL ) + if( mbedtls_md_info_from_type( digest ) != MBEDTLS_MD_INVALID_HANDLE ) TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); TEST_ASSERT( mbedtls_pk_verify( &pk, digest, hash_result, 0, @@ -709,7 +709,7 @@ void pk_sign_verify_restart( int pk_type, int grp_id, char *d_str, unsigned char sig[MBEDTLS_ECDSA_MAX_LEN]; unsigned char sig_check[MBEDTLS_ECDSA_MAX_LEN]; size_t hlen, slen, slen_check; - const mbedtls_md_info_t *md_info; + mbedtls_md_handle_t md_info; mbedtls_pk_restart_init( &rs_ctx ); mbedtls_pk_init( &prv ); @@ -729,7 +729,7 @@ void pk_sign_verify_restart( int pk_type, int grp_id, char *d_str, slen_check = unhexify( sig_check, sig_str ); md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); + TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE ); hlen = mbedtls_md_get_size( md_info ); mbedtls_md( md_info, (const unsigned char *) msg, strlen( msg ), hash ); diff --git a/tests/suites/test_suite_pkcs1_v15.function b/tests/suites/test_suite_pkcs1_v15.function index 0723623a5..58c25bf67 100644 --- a/tests/suites/test_suite_pkcs1_v15.function +++ b/tests/suites/test_suite_pkcs1_v15.function @@ -275,8 +275,10 @@ void pkcs1_rsassa_v15_sign( int mod, int radix_P, char * input_P, int radix_Q, TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 ); - if( mbedtls_md_info_from_type( digest ) != NULL ) + if( mbedtls_md_info_from_type( digest ) != MBEDTLS_MD_INVALID_HANDLE ) + { TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); + } TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, MBEDTLS_RSA_PRIVATE, digest, 0, hash_result, output ) == result ); if( result == 0 ) @@ -313,9 +315,10 @@ void pkcs1_rsassa_v15_verify( int mod, int radix_N, char * input_N, TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) ); TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); - - if( mbedtls_md_info_from_type( digest ) != NULL ) + if( mbedtls_md_info_from_type( digest ) != MBEDTLS_MD_INVALID_HANDLE ) + { TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); + } TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result ); diff --git a/tests/suites/test_suite_pkcs1_v21.function b/tests/suites/test_suite_pkcs1_v21.function index 99be08ac0..a9635e17d 100644 --- a/tests/suites/test_suite_pkcs1_v21.function +++ b/tests/suites/test_suite_pkcs1_v21.function @@ -128,8 +128,10 @@ void pkcs1_rsassa_pss_sign( int mod, int radix_P, char * input_P, int radix_Q, TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 ); - if( mbedtls_md_info_from_type( digest ) != NULL ) + if( mbedtls_md_info_from_type( digest ) != MBEDTLS_MD_INVALID_HANDLE ) + { TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); + } TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, MBEDTLS_RSA_PRIVATE, digest, 0, hash_result, output ) == result ); @@ -169,8 +171,10 @@ void pkcs1_rsassa_pss_verify( int mod, int radix_N, char * input_N, TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); - if( mbedtls_md_info_from_type( digest ) != NULL ) + if( mbedtls_md_info_from_type( digest ) != MBEDTLS_MD_INVALID_HANDLE ) + { TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); + } TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result ); diff --git a/tests/suites/test_suite_pkcs5.function b/tests/suites/test_suite_pkcs5.function index 26f1d3331..a8f052384 100644 --- a/tests/suites/test_suite_pkcs5.function +++ b/tests/suites/test_suite_pkcs5.function @@ -12,14 +12,14 @@ void pbkdf2_hmac( int hash, data_t * pw_str, data_t * salt_str, int it_cnt, int key_len, data_t * result_key_string ) { mbedtls_md_context_t ctx; - const mbedtls_md_info_t *info; + mbedtls_md_handle_t info; unsigned char key[100]; mbedtls_md_init( &ctx ); info = mbedtls_md_info_from_type( hash ); - TEST_ASSERT( info != NULL ); + TEST_ASSERT( info != MBEDTLS_MD_INVALID_HANDLE ); TEST_ASSERT( mbedtls_md_setup( &ctx, info, 1 ) == 0 ); TEST_ASSERT( mbedtls_pkcs5_pbkdf2_hmac( &ctx, pw_str->x, pw_str->len, salt_str->x, salt_str->len, it_cnt, key_len, key ) == 0 ); diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index f2a9b9878..4d22c9b35 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -497,8 +497,10 @@ void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode, TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 ); - if( mbedtls_md_info_from_type( digest ) != NULL ) + if( mbedtls_md_info_from_type( digest ) != MBEDTLS_MD_INVALID_HANDLE ) + { TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); + } TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PRIVATE, digest, 0, @@ -538,8 +540,10 @@ void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode, TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); - if( mbedtls_md_info_from_type( digest ) != NULL ) + if( mbedtls_md_info_from_type( digest ) != MBEDTLS_MD_INVALID_HANDLE ) + { TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); + } TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result ); diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 268d56cea..9873dd828 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -102,12 +102,12 @@ static int build_transforms( mbedtls_ssl_transform *t_in, if( cipher_info->mode == MBEDTLS_MODE_CBC || cipher_info->mode == MBEDTLS_MODE_STREAM ) { - mbedtls_md_info_t const *md_info; + mbedtls_md_handle_t md_info; unsigned char *md0, *md1; /* Pick hash */ md_info = mbedtls_md_info_from_type( hash_id ); - CHK( md_info != NULL ); + CHK( md_info != MBEDTLS_MD_INVALID_HANDLE ); /* Pick hash keys */ maclen = mbedtls_md_get_size( md_info ); diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index 2ec9178af..e6f9ec815 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -264,7 +264,6 @@ -